Information Security Senior Analyst

Summary

Join Kraken as a Senior Analyst and contribute to the future of crypto by supporting regional information security, operational resilience, and business continuity initiatives across the UAE and European regions. This role ensures compliance with relevant laws and frameworks, including MiCA, DORA, ISO27001, and UAE SCA regulations. You will collaborate with Group Security and IT teams, contributing to global security frameworks and regional requirements implementation. The position involves risk assessments, business impact analysis, control testing, audit preparation, and regulatory reporting, providing tactical support to the RISO function. Kraken is a fully remote company with a global presence, offering a unique opportunity to work with a world-class team in a mission-focused environment.

Requirements

• 5+ years of experience in Information Security, IT risk management, or compliance
• Strong understanding of financial cybersecurity frameworks, ISO27001, NIST, and DORA frameworks
• Experience supporting BCP/DR planning and operational resilience assessments
• Excellent communication, stakeholder management, and technical documentation skills

Responsibilities

• Prepare, contribute and report to regional risk governance and board committee meetings, highlighting control status, risk exposure, and readiness
• Execute risk assessments and control testing across UAE operations in line with SCA cybersecurity guidelines and security best practices
• Maintain and review Business Impact Assessments (BIA), integrating findings into global resilience planning
• Contribute to Business Continuity Plan (BCP) documentation, testing, and updates, including entity-specific scenarios
• Align UAE-specific regulatory controls with global policies and control frameworks
• Contribute to the development of security policies to meet international and UAE compliance requirements
• Conduct security control validation and document evidence for internal/external audits
• Participate in remediation planning for audit findings and track progress to closure
• Support the RISO in preparing and submitting regulatory documentation to regulators
• Prepare and present security and resilience reports for internal governance committees and local entity management
• Assist in responses to regulatory examinations, including due diligence and compliance queries
• Liaise with compliance and legal teams to interpret regulatory changes and propose control adaptations
• Participate in the regional incident response process, assist with post-incident reviews, and support continuous improvement activities
• Coordinate with cross-functional stakeholders to embed security requirements into operational processes

Preferred Qualifications

Security certifications such as CISSP, CISM, CRISC, ISO27001 Lead Implementer, or CBCP are highly desirable