Information Security Risk Manager

ABOUT TIDE

At Tide we help SMEs save time (and money) in the running of their businesses by not only offering business accounts and related banking services, but also a comprehensive set of highly usable and connected administrative solutions from invoicing to accounting.

Tide is transforming the small business banking market with over 1.6 million members globally across the UK, India, Germany and France. Using advanced technology, all solutions are designed with SMEs in mind. With quick onboarding, low fees and innovative features, we thrive on making data-driven decisions to help SMEs save both time and money.

Tide facts:

• Tide is available for UK, Indian, German and French SMEs
• Over 1.6 million members: 800,000 UK and 800,000 in India and growing rapidly
• Over $200 million raised in funding
• Over 2500 Tideans globally - we’re diversity champions!
• We have offices in Central London, with a member support and technology centre in Sofia, Bulgaria, technology centres in Serbia, Romania, Lithuania and Hyderabad and offices in Gurugram and New Delhi, India

ABOUT THE ROLE:  

As an Information Security Risk Manager you will be a pragmatic information security GRC expert with a proven track record of implementing controls and risk management in a fast-paced, technology-driven environment in India. You possess a strong understanding of modern engineering practices, and know how to apply international best practices (like ISO 27001) effectively to a local tech stack and operational setup. You are passionate about using GRC tooling and automation to manage technology risk.

Core responsibilities will include:

• ISMS Alignment: Ensuring technology controls, processes, and people in India are fully aligned with the global ISMS and local requirements.
• Modern GRC: Implementing real-time compliance monitoring and risk management processes using modern GRC tooling, specifically to monitor the information security posture and controls of the India-based tech stack and service providers.
• Local Risk & Control Oversight: Conducting detailed information security risk assessments and control oversight focused on Tide India's people, process, and technology. Working with local and global First Line of Defence (1LOD) stakeholders to deliver effective risk treatment plans for the India market.
• Technology Alignment: Ensuring information security standards for India operations are robust and align with a modern tech stack (e.g., Infrastructure as Code, CI/CD) used by engineering teams supporting India.
• Audit Facilitation: Facilitating external audits relevant to the ISMS and technology controls in India (e.g., ISO 27001, SAR), and driving the closure of audit findings with local teams.
• Metrics & Reporting: Defining and measuring local key risk indicators (KRIs). Interpreting data from security tooling to develop insightful, risk-focused reporting specifically for Tide India senior leadership.
• Culture & Awareness: Reinforcing a strong security culture and awareness message throughout the India business unit.

WHAT WE ARE LOOKING FOR:  

• 7+years experience in information security GRC, with significant experience working within the technology or financial sector.
• Deep familiarity with modern engineering and security paradigms (DevSecOps, IaC, Zero Trust, Cloud-Native) and applying GRC principles to them.
• Proven experience in implementing and using GRC tooling to monitor compliance and manage risk.
• Experience in implementing and maintaining an ISMS using ISO 27001 within an Indian operational context.
• Strong technical knowledge in information security to effectively assess technical risks and controls.
• Relevant certifications such as CISSP, CISM, or CISA are strongly preferred.

WHAT YOU’LL GET IN RETURN:

Our location-specific employee benefits are designed to cater to the unique needs of Tideans: 

• Competitive Compensation -  competitive salary and share options
• Time Off – Generous annual leave on top of bank holidays.
• Parental Leave – Paid maternity, paternity, and adoption leave to support your family journey.
• Sabbatical – Extended unpaid and paid leave options after completing milestone years with Tide.
• Health Insurance – Private family insurance with additional OPD coverage and top-up options.
• Life & Accident Cover – Comprehensive accidental and life insurance protection.
• Mental Wellbeing – Access to therapy sessions, courses, meditations, and workshops.
• Volunteering & Development Days – Paid days annually for volunteering or personal growth.
• Learning & Development – Annual budget for books, courses, coaching, and more.
• WOO (Work Outside the Office) – Work from abroad for up to 90 days annually.
• Home Office Setup – Contribution towards setting up your home office
• Laptop Ownership – Keep your old laptop and get a new one when it’s time for a replacement.
• Snacks & Meals – Office perks with snacks, coffee, tea, and lunch (location dependent).

TIDE IS A PLACE FOR EVERYONE

At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members’ diverse needs and lives. 

We are One Team and foster a transparent and inclusive environment, where everyone’s voice is heard.

At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members' diverse needs. We are One Team, committed to transparency and ensuring everyone’s voice is heard.

• Tide does not charge any fees at any stage of the recruitment process.
• All official Tide job opportunities are listed exclusively on our Careers Page and applications should be submitted through this channel.
• Communication from Tide will only come from an official @tide.co email address.
• Tide does not work with agencies or recruiters without prior formal engagement, and we do not authorize third parties to make job offers on our behalf.

If you are contacted by anyone misrepresenting Tide or requesting payment, please treat it as fraudulent and report it to us immediately at talent@tide.co
Your safety and trust are important to us, and we are committed to ensuring a fair and transparent recruitment process.

Tide leverages AI to enhance our hiring experience. You can read more about how we use AI in our recruitment process in our AI Policy.

Your personal data will be processed by Tide for recruitment purposes and in accordance with Tide's Recruitment Privacy Notice.