Information Security Analyst

checkout.com
London

Company Description

We’re Checkout.com . You might not know our name, but companies like eBay, Spotify, Klarna, Uber, and Sony do, because we’re behind many of the digital experiences you use every day.


We are where the world checks out, enabling over 10 billion transactions yearly for more than one billion global shoppers.

Whether you want to book a holiday, order food, renew a subscription, or check out online, there’s a good chance our tech powers the payments behind the scenes. Our platform helps the most ambitious businesses deliver effortless digital experiences, at scale.

If you want to do career-defining work, you’ve come to the right place. We move fast, think globally, and believe great teams are built by hiring exceptional people with conviction, curiosity, and the desire to make an impact.

With 20 offices across six continents and London as our HQ, we’re shaping the future of fintech – and we’re just getting started.

The Role

As an Information Security Analyst at Checkout.com , you will work across the full breadth of the information security function, spanning Governance, Risk and Compliance (GRC), AI Governance, Application Security (AppSec), Technology Risk, and Data Governance. This is a role for someone who has built a solid foundation in information security and is ready to move from guided execution to genuine ownership of tasks and smaller workstreams.

Security at Checkout operates at scale and at pace. We are a global payments business, regulated across multiple jurisdictions, building infrastructure that processes billions of transactions. Our security function needs analysts who understand how different domains fit together, communicate clearly with technical and non-technical colleagues, and take accountability for the quality of their work.

At L2 you will implement security controls, respond to security incidents, identify risks, and support compliance activities across multiple domains. You work independently for extended periods and are developing the cross-domain knowledge and stakeholder skills that will prepare you for programme ownership at L3 and beyond.

How You'll Make Impact

Governance, Risk and Compliance

- Support workstreams within Checkout's GRC programme, including ISO 27001, SOC 2, PCI DSS, and applicable regulatory obligations across our global licensed entities.

- Assist with control evidence collection activities, coordinating with internal teams to gather accurate and timely evidence in support of audit readiness.

- Maintain GRC documentation including policies, standards, procedures, and control matrices under the guidance of senior colleagues.

- Support monitoring of the risk register, tracking remediation activity against agreed timelines and escalating where commitments are at risk.

- Assist in conducting third-party risk assessments, evaluating supplier security controls in line with Checkout's TPRM framework.

- Develop working knowledge of regulatory obligations across Checkout's operating markets, including FCA/PRA requirements, payment scheme rules, and DORA.

AI Governance

- Support the operationalisation of Checkout's AI governance framework, aligned to ISO 42001, the EU AI Act, and NIST AI RMF.

- Assist in conducting AI risk assessments for internal AI and ML systems and third-party AI tools, under the guidance of more senior analysts.

- Help maintain an inventory of AI use cases and associated risk classifications, working with product and engineering teams as directed.

- Develop awareness of the evolving regulatory landscape for AI in financial services and contribute to policy and control documentation.

- Contribute to the development and communication of responsible AI usage guidance for staff, helping teams across the business understand acceptable use boundaries, data handling expectations, and the risks associated with AI tools in a regulated environment.

Application Security

- Contribute to Checkout's application security programme, including support for secure code review processes, SDLC integration, and developer security guidance.

- Support threat modelling activities for new and existing products, identifying security requirements under the guidance of senior colleagues.

- Assist in managing vulnerability findings from penetration tests, bug bounty programmes, and automated tooling, tracking remediation and validating fixes.

- Apply knowledge of the OWASP Top 10 and secure development frameworks to practical security reviews and guidance activities.

Technology Risk

- Support technology risk assessments across infrastructure, cloud environments, and third-party systems, contributing to outputs with actionable treatment recommendations.

- Assist with control assurance activities including vulnerability scanning coordination, access control assessments, and firewall and configuration reviews.

- Develop an understanding of Checkout's technology risk landscape, identifying emerging threats and contributing inputs to the risk register.

- Support DORA-related ICT risk management activities under the direction of senior analysts.

Data Governance

- Support Checkout's data governance programme, including data classification activities, data flow mapping, and enforcement of data handling standards.

- Assist with data loss prevention (DLP) controls and tooling, contributing to activities that ensure sensitive data is protected throughout its lifecycle.

- Help maintain records of processing activities (RoPA) and support data protection impact assessments (DPIAs) for new systems.

- Develop working knowledge of GDPR, UK GDPR, and applicable regional data protection requirements as they affect Checkout's operations.

Cross-domain Collaboration

- Work with Engineering, Product, Legal, Procurement, Finance, and Compliance teams to support the embedding of security requirements into processes, systems, and projects.

- Respond to security due diligence requests from merchants, partners, and regulators with accuracy and within agreed SLAs, escalating complex queries appropriately.

- Communicate clearly with internal stakeholders on security requirements, keeping teams updated on changes and project progress.

- Contribute to security awareness initiatives, promoting a security-conscious culture across Checkout.

What We're Looking for

Experience

- 1 to 2 years of experience in information security, IT audit, or a closely related function, ideally within payments, financial services, or fintech.

- Working knowledge of at least one of the following domains: GRC, AppSec, technology risk, or data governance.

- Practical familiarity with at least one compliance framework: PCI DSS, ISO 27001, SOC 2, NIST CSF, or equivalent.

- Some exposure to external audits, risk assessments, or security assurance activities.

- Ability to manage tasks independently and deliver on commitments reliably.

Skills and Approach

- Clear written and verbal communication. You can translate security concepts for technical and non-technical audiences.

- Detail-oriented and methodical. You approach your work carefully and follow through consistently.

- Curious and proactive. You ask questions, flag issues early, and look for root causes rather than surface fixes.

- Collaborative and adaptable. You work effectively across teams and adjust your approach as priorities shift.

- Receptive to feedback and committed to developing your information security skills across multiple domains.

Preferred

- Pursuing or holding a relevant certification: CompTIA Security+, CISA (in progress), ISO 27001 Foundation, or equivalent.

- Familiarity with cloud environments (AWS, Azure, GCP) from a security or compliance perspective.

- Exposure to security or GRC tooling such as Wiz, Qualys, Microsoft Sentinel, ServiceNow GRC, or similar.

- Awareness of AI governance frameworks or the OWASP LLM Top 10.

- Some scripting or automation experience (Python, etc.) is a plus.

Additional Information

Bring all of you to work

We create the conditions for high performers to thrive, through real ownership, fewer blockers, and work that makes a difference from day one.

Here, you’ll move fast, take on meaningful challenges, and be recognized for the impact you deliver. It’s a place where ambition gets met with opportunity, and where your growth is in your hands.

We work as one team, and we back each other to succeed. So whatever your background or identity, if you’re ready to grow and make a difference, you’ll be right at home here.

It’s important we set you up for success and make our process as accessible as possible. So let us know in your application, or tell your recruiter directly, if you need anything to make your experience or working environment more comfortable.

Life at Checkout.com

We understand that work is just one part of your life. Our hybrid working model offers flexibility, with three days per week in the office to support collaboration and connection.

Curious about what it’s like to be part of our team? Visit our Careers Page to learn more about our culture, open roles, and what drives us.

For a closer look at daily life at Checkout.com , follow us on LinkedIn and Instagram

Posted 2026-07-15

Recommended Jobs

Teacher of Design Technology - Haringey Independent School

Marchant Recruitment
London

School Status & Location Sector: Prestigious Independent School (with Sixth Form). Borough: Haringey (Inner London, England). Start Date: Permanent, full-time role commencing January 2026. …

View Details
Posted 2025-12-16

Sommelier

Franco’s
London

Job Details An exciting opportunity has arisen for an experienced full-time Sommelier to join Head Sommelier Paolo Pellegrino and our Bar/Wine team at Franco's on Jermyn Street, Green Park. W…

View Details
Posted 2026-06-27

TechOps Engineer (System Administrator)

Talos-Trading
London

Institutional Fabric for the Digital Asset Market Founded in 2018, Talos provides institutional-grade trading technology for the global digital asset market, powering many of the major players in …

View Details
Posted 2026-07-15

.NET Developer, Graduate / Junior

Noir
London

.NET Developer, Graduate / Junior - Computer Gaming Company - London (Tech stack: Graduate / Junior .NET Developer, .NET 10.0, ASP.NET Core, C# 14, Azure, Angular 21, Vue.js, TypeScript, Multithreadi…

View Details
Posted 2026-04-13

Nightshift HGV Technician

TCR
Hounslow, Greater London

Nightshift HGV Technician – Heathrow The Opportunity Join our dedicated engineering team as a Nightshift HGV Technician , responsible for maintaining and repairing ground support vehicles and…

View Details
Posted 2026-06-19

Site Agent/Sub Agent/Senior Engineer - Heavy civils

Joseph Gallagher Limited
London

Location: Central London Hours: Full-time Salary: Competitive (DOE) Joseph Gallagher is the leading UK based Civil Engineering & Tunnelling sub-contractor, growing significantly in the las…

View Details
Posted 2026-05-13

Pensions Lawyer (1-3 yrs PQE) - leading advisory practice

IPS Group
London

One of the City’s most highly rated, advisory driven Pensions practices has created a new opening at 1-3 year PQE level to join an experienced team servicing a diverse and high quality portfolio of s…

View Details
Posted 2026-07-15

Spanish Teacher - Enfield | Independent Senior School

Marchant Recruitment
Enfield, Greater London

We are working with a high-achieving independent secondary school in Enfield recruiting for a Spanish Teacher. This role is ideal for a linguist who thrives on high-target language usage and cultur…

View Details
Posted 2026-01-27

Junior Nanny in Twickenham, Hiring ASAP, Job ID J20B5E

Little Ones UK Ltd
Twickenham, Greater London

A lovely family in Twickenham is looking for an experienced Junior Nanny to join their household and assist in caring for their children. The ideal candidate will be someone with previous experience …

View Details
Posted 2026-07-15

Administrative Assistant - Deptford

Marchant Recruitment
London

We are seeking a professional, organised, and proactive Administrative Assistant to join a busy primary school in Deptford, starting as soon as possible. This role is ideal for someone who enjoys wor…

View Details
Posted 2026-02-04