Welcome to MultiBank Group; a global financial pioneer established in 2005 in California and now proudly headquartered in Dubai, UAE. We excel in providing cutting-edge trading technology, unparalleled liquidity, and exceptional customer service, offering an extensive range of financial products such as Forex, Metals, Shares, Indices, Commodities, and Cryptocurrency CFDs.
Join our thriving community of over 1 million clients across 90 countries, contributing to a daily trading volume exceeding US$ 12.1 billion. As a heavily regulated (11 financial regulators across 5 continents), award-winning, and reliable financial institution, MultiBank Group is devoted to innovation, excellence, and empowering our clients to achieve their financial goals.
Seize the opportunity to work with a rapidly growing, world-class team spanning more than 20 countries, driven by innovation, collaboration, and customer focus.
Job Overview: We are seeking an onsite proactive Senior Business Process & IT Security Analyst with the ability to protect and secure not only IT systems but also core business processes, such as treasury operations and financial workflows. This role is critical in identifying and mitigating security threats across the organization, covering both technical infrastructure and sensitive business operations. The successful candidate will be a self-starter capable of independently identifying risks, conducting deep-dive analyses, and implementing effective security controls for both IT systems and business-critical processes. Experience in crypto wallet custody security, including securing hot and cold wallets and understanding related attack vectors, is a plus and highly desirable.
Key Responsibilities:
Proactive Threat Hunting & Incident Management:
- Actively identify and address security threats across all areas of the business, including IT infrastructure, business processes (e.g., treasury, payments, and financial operations), and any other critical workflows.
- Own the process of incident detection and escalation, ensuring risks are quickly identified, escalated, and resolved, covering both IT and business process risks.
- Perform thorough investigations into vulnerabilities, unauthorized access, and fraud attempts in business-critical areas like payments, treasury, and compliance systems.
- Conduct advanced threat hunting using behavioural analytics and anomaly detection across business systems to detect any unusual activities, including potential fraud.
Vulnerability Assessments & Penetration Testing:
- Regularly perform penetration testing and vulnerability assessments on both technical systems (e.g., servers, databases, cloud services) and business processes (e.g., treasury workflows, payment gateways, and financial settlements).
- Ensure security gaps in core business functions are identified and addressed before they can be exploited.
- Work closely with business stakeholders, including treasury and finance teams, to secure sensitive processes and systems.
Business Process Security & Optimization:
- Collaborate with business units, including treasury and financial operations, to ensure that all business processes are compliant with security standards and free from vulnerabilities.
- Design and enforce security policies that protect against potential threats to critical business operations such as financial transactions, compliance processes, and reporting workflows.
- Continuously review and optimize security controls for business processes such as wire transfers, liquidity management, and treasury operations, ensuring no gaps in protection.
IT Security & Process Integration:
- Manage and optimize security tools and platforms (SIEM, EDR, etc.) to cover both IT infrastructure and business operations.
- Implement end-to-end security monitoring for systems handling financial transactions, ensuring integrity and security throughout the payment lifecycle.
- Continuously update and improve security frameworks that support both technical and business operations, ensuring all key areas are safeguarded.
Automation & Continuous Improvement:
- Develop automated scripts and tools to enhance threat detection, incident response, and security monitoring, addressing both IT and business process vulnerabilities.
- Lead the integration of security measures into the organization’s business operations, ensuring seamless security coverage from IT systems to core business processes.
- Drive continuous improvement in security protocols for business-critical systems such as treasury platforms, ensuring resilience against emerging threats.
Cross-functional Collaboration & Stakeholder Engagement:
- Work closely with both technical teams (IT, DevOps, Cloud) and business units (treasury, finance, compliance) to ensure holistic security coverage across the organization.
- Collaborate with treasury, operations, and legal teams to ensure security practices are integrated into all financial and regulatory operations, reducing the risk of fraud or unauthorized access.
- Serve as a key security advisor for business units, helping them understand potential risks and how to mitigate them effectively.
Incident Response & Reporting:
- Act as the primary point of contact for major incidents related to both IT and business operations, ensuring timely and thorough resolution.
- Create detailed reports on security incidents affecting both technical and business processes, including root cause analysis and recommendations for preventing future occurrences.
- Lead post-incident reviews for business operations, ensuring that all processes are continuously refined and secured based on emerging threats.
Qualifications:
- 7+ years of experience in cybersecurity, with a focus on both IT and business process security in sectors such as banking, fintech, or financial services.
- Expertise in business process security, specifically in treasury operations, financial transactions, compliance, and payment systems.
- In-depth understanding of SIEM, EDR, and other security tools, with experience securing both technical infrastructure and business processes.
- Strong ability to identify security threats in both technical systems and sensitive business workflows, such as payments and treasury functions.
- Proven track record in incident response, with the ability to manage and resolve complex incidents affecting both IT and business systems.
- Hands-on experience with vulnerability management, penetration testing, and risk assessments across both technical and operational domains.
- Strong scripting skills (e.g., Python, PowerShell) to automate threat detection and response tasks.
- Relevant certifications (e.g., CISSP, OSCP, CEH, CISM) and familiarity with frameworks like MITRE ATT&CK, NIST, and PCI DSS.
Preferred Qualifications:
- Experience in securing financial operations, treasury, cold and hot crypto wallets or similar processes.
- Prior experience in Fintech or Trading Platforms (e.g., MT4/MT5) is a strong plus.
- Familiarity with cloud security (AWS, Azure) and container security practices.
