Job Description

About Uphold

Uphold is a financial technology company that believes on-chain services are the future of finance. It provides modern infrastructure for on-chain payments, banking, and investments. Offering Consumer Services, Business Services, and Institutional Trading, Uphold makes pioneering financial services easy and trusted for millions of customers in more than 140 countries.



Uphold strips away the complexity and lack of transparency to open up Web3 finance for everyone.



To learn more about Uphold, please visit https://uphold.com.

The Opportunity:

We are looking for a Senior Enterprise Resilience Analyst to join our Information

Security GRC team. This is an exciting opportunity to contribute to the resilience of our

organization by enhancing our incident management framework while ensuring

business continuity and disaster recovery (BC/DR) readiness.

In this role, you will be responsible for managing and improving security incident response

and operational resiliency processes, ensuring that disruptions--whether cyber-related,

operational, or third-party--are effectively handled and mitigated. You will work across IT,

Security, Risk, and Business Continuity teams to build, test, and refine response playbooks,

coordinate incident handling, and enhance enterprise resilience strategies.

We are looking for a highly motivated and detail-oriented professional who can proactively

drive improvements, develop metrics, and work cross-functionally to ensure rapid response

and recovery from incidents.

What you'll be doing primarily:

Incident Response & Management:


Assist in managing cybersecurity and operational incidents from detection to
resolution.
Coordinate with internal stakeholders to contain, mitigate, and recover from
incidents.
Document and refine incident response playbooks, ensuring alignment with
industry frameworks (NIST 800-61, etc.).


Operational Resiliency & Business Continuity:


Support business continuity (BC) and disaster recovery (DR) exercises,
ensuring alignment with incident response processes.
Contribute to the development and execution of resilience testing (e.g.,
tabletop exercises, crisis simulations).
Maintain incident and resilience program documentation, including response
plans and post-incident reports.
Work with third parties to assess their incident response and business
continuity capabilities.



Threat & Risk Assessment:


Collaborate with risk and compliance teams to evaluate enterprise risks and
recommend mitigation strategies.
Perform root cause analysis and post-incident reviews (PIRs) to drive
continuous improvement.
Analyze incident data to identify trends and provide insights on security and
operational vulnerabilities.


Cross-Functional Collaboration & Continuous Improvement:


Assist in the development of incident and resilience KPIs/metrics to measure
program effectiveness.
Provide training and awareness sessions for employees on incident response
and resiliency best practices.
Work with IT, Security, Legal, and Business Units to ensure alignment on
regulatory and compliance requirements (ISO 27001, DORA, FFIEC, etc.).

Required qualifications:

Bachelor's degree in Cybersecurity, Information Security, Risk Management, or a
related field (or equivalent experience).
3-5 years of experience in incident response, security operations, or business
continuity management.
Hands-on experience with security monitoring tools (SIEM, EDR, IDS/IPS) and incident
handling.
Familiarity with incident response frameworks (NIST 800-61, SANS PICERL, MITRE ATTACK, etc.). Knowledge of business continuity (BC), disaster recovery (DR), and crisis management principles. Ability to document, analyze, and communicate incident response and resilience strategies effectively. Strong problem-solving skills and ability to work under pressure during incidents. Fluent written and oral English skills.

Bonus if you have:

Certifications such as CISSP, GCIH, CBCP, CISM, or CRISC. Experience working with cloud security incidents (AWS, Azure, GCP). Knowledge of compliance requirements (ISO 27001, DORA, FFIEC, etc.). Hands-on experience with cyber threat intelligence (CTI) and threat hunting. Experience conducting tabletop exercises and red/blue team simulations.

What we have to offer you:

An amazing work environment in a company that continues to grow, driven by
extraordinary and passionate people that keep up innovating and challenging

more each day.
An international team, in a cutting-edge field, working on the most fascinating
projects.
Growth and career opportunities and the chance to be proactive and creative. A flexible and enthusiastic work environment that offers you snacks, a lot of
coffee, and other great benefits.
Interesting events that keep you connected with the team and celebrate our success.

Location:

The role is hybrid with flexibility to work from home with some required attendance in

one of our local offices depending on location.



Be part of a great company that is revolutionizing financial services. Apply now!

If this job isn't exactly what you are looking for, visit our careers page to check out all

our exciting opportunities.



EEOC Employer



We are proud to be an Equal Opportunity Employer, and we celebrate our employees and

differences, including race, color, religion, gender identity, national origin, age,

military service eligibility, veteran status, sexual orientation, marital status, disability,

and any other protected classes. Difference makes us stronger and better together.