Job description

About Uphold Uphold is a financial technology company that believes on-chain services are the future of finance. It provides modern infrastructure for on-chain payments, banking and investments. Offering Consumer Services, Business Services and Institutional Trading, Uphold makes pioneering financial services easy and trusted for millions of customers in more than 140 countries. Uphold strips away the complexity and lack of transparency to open up Web3 finance for everyone. To learn more about Uphold, please visit https://uphold.com. The Opportunity We are looking for a Senior Enterprise Resilience Analyst to join our Information Security GRC team. This is an exciting opportunity to contribute to the resilience of our organization by enhancing our incident management framework while ensuring business continuity and disaster recovery (BC/DR) readiness. In this role, you will be responsible for managing and improving security incident response and operational resiliency processes, ensuring that disruptions—whether cyber-related, operational, or third-party—are effectively handled and mitigated. You will work across IT, Security, Risk, and Business Continuity teams to build, test, and refine response playbooks, coordinate incident handling, and enhance enterprise resilience strategies. We are looking for a highly motivated and detail-oriented professional who can proactively drive improvements, develop metrics, and work cross-functionally to ensure rapid response and recovery from incidents. What You’ll Be Doing Primarily Incident Response & Management: • Assist in managing cybersecurity and operational incidents from detection to resolution. • Coordinate with internal stakeholders to contain, mitigate, and recover from incidents. • Document and refine incident response playbooks, ensuring alignment with industry frameworks (NIST 800-61, etc.). Operational Resiliency & Business Continuity • Support business continuity (BC) and disaster recovery (DR) exercises, ensuring alignment with incident response processes. • Contribute to the development and execution of resilience testing (e.g., tabletop exercises, crisis simulations). • Maintain incident and resilience program documentation, including response plans and post-incident reports. • Work with third parties to assess their incident response and business continuity capabilities. Threat & Risk Assessment • Collaborate with risk and compliance teams to evaluate enterprise risks and recommend mitigation strategies. • Perform root cause analysis and post-incident reviews (PIRs) to drive continuous improvement. • Analyze incident data to identify trends and provide insights on security and operational vulnerabilities. Cross-Functional Collaboration & Continuous Improvement • Assist in the development of incident and resilience KPIs/metrics to measure program effectiveness. • Provide training and awareness sessions for employees on incident response and resiliency best practices. • Work with IT, Security, Legal, and Business Units to ensure alignment on regulatory and compliance requirements (ISO 27001, DORA, FFIEC, etc.). Required Qualifications • Bachelor’s degree in Cybersecurity, Information Security, Risk Management, or a related field (or equivalent experience). • 3-5 years of experience in incident response, security operations, or business continuity management. • Hands-on experience with security monitoring tools (SIEM, EDR, IDS/IPS) and incident handling. • Familiarity with incident response frameworks (NIST 800-61, SANS PICERL, MITRE ATTACK, etc.). • Knowledge of business continuity (BC), disaster recovery (DR), and crisis management principles. • Ability to document, analyze, and communicate incident response and resilience strategies effectively. • Strong problem-solving skills and ability to work under pressure during incidents. • Fluent written and oral English skills. Bonus If You Have • Certifications such as CISSP, GCIH, CBCP, CISM, or CRISC. • Experience working with cloud security incidents (AWS, Azure, GCP). • Knowledge of compliance requirements (ISO 27001, DORA, FFIEC, etc.). • Hands-on experience with cyber threat intelligence (CTI) and threat hunting. • Experience conducting tabletop exercises and red/blue team simulations. What We Have To Offer You • Innovation and Impact: Contribute to pioneering projects in a dynamic and challenging environment. • Competitive Compensation: Stock options, performance bonuses, and comprehensive benefits on top of a competitive salary. • Strong Company Culture: Thrive in a supportive, collegiate environment with values of integrity, teamwork, accountability, and excellence. • Global Collaboration: Participate in regular updates, strategy sessions, and networking opportunities across the group. • Development Opportunities: Access training and mentorship programs. • Flexibility: Enjoy options to work from home, other locations, or adjust your hours. Benefits • Annual bonus program based on individual, team and company performance. • Home office stipend for a productive setup.Generous PTO, healthcare, and employee assistance programs. • Generous PTO, healthcare, and employee assistance programs. • Engaging events and celebrations. • Well-stocked office kitchen with a foodie culture. Be part of a great company that is revolutionizing financial services. Apply now! If this job isn’t exactly what you are looking for, visit our careers page to check out all our exciting opportunities. EEOC Employer We're proud to be an Equal Opportunity Employer and we celebrate our employees' differences, including race, color, religion, gender identity, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, and any other protected classes. Difference makes us better.

Requirements