
Upsun · Remote • Canada
ABOUT UPSUN (FORMERLY PLATFORM.SH) Upsun is the cloud application platform humans and robots love. It is built for today’s hybrid teams, where AI agents write...
Upsun is the cloud application platform humans and robots love. It is built for today’s hybrid teams, where AI agents write and
test code and humans focus on solving the problems that really matter. Developers, DevOps engineers, and platform teams use Upsun
to build, ship, and scale confidently without wrestling with backend infrastructure. We give you your time back. You get:
The name says it all. "Up" means uptime, reliability, and acceleration. "Sun" reflects our follow-the-sun-support, a 24x7,
globally distributed support team keeping the lights on while you rest. Our core belief is that software should power brighter
solutions and greater innovation.
Upsunners are a remote, global workforce, and we thrive in a multicultural team. We are committed to open source and an open,
welcoming environment. Our team spans the globe and the experience spectrum.
What's our commonality, our cultural fabric? A curious spirit and a thirst for knowledge; an eagerness for innovative ideas and
cultures. We believe we can build anything together in an environment that frees you to do your best work.
🌿 We make a positive impact.
✨ We aim for the stars.
💚 We care for each other.
As a Senior Risk & Audit Specialist at Upsun, you help keep our security, risk, audit, and compliance work moving with clarity,
care, and consistency. Reporting to the Director, Risk & Audit, you'll work closely with teams across Security, Engineering, IT,
Legal, Product, and Sales to keep key audits and certifications (including ISO 27001, SOC 2, PCI DSS, and HIPAA) on track and our
global business audit-ready.
You're practical, organized, and curious; someone who enjoys making complex requirements easier to understand and thrives when
balancing planned work with time-sensitive audit and customer requests. You partner with control owners across the business to
coordinate evidence, monitor risk, and turn complex requirements into guidance that's easy to act on.
Beyond keeping audits on track, you contribute to the long-term evolution of our risk and compliance program by supporting
readiness for new and expanding assurance needs, simplifying repeatable processes, and improving evidence quality. Your attention
to detail, cross-functional mindset, and clear communication help leadership stay informed and give our customers confidence in
our security posture.
relevant assurance work by coordinating evidence collection, reviewing evidence quality, scheduling walkthroughs, and following
up with control owners.
treatment follow-up by working with teams to identify control gaps, agree on practical actions, and track remediation through
to completion.
risk.
(including Australia ISM/IRAP/HCF, NIS2, and ISO 42001/AIM) while maintaining policies, procedures, control narratives and
supporting documentation.
Legal, Security, and Product, and support updates to the Trust Center and other trust documentation.
for leadership and look for opportunities to simplify repeatable processes and reduce audit friction for control owners.
related area.
tracking.
42001, GDPR, PIPEDA or similar standards.
once.
varied timezones.
At Upsun, remote work isn't just a trend - it's our foundation. The freedom of remote work with the support of a diverse, global
team has been our successful model for over a decade. Our culture celebrates flexibility and collaboration, and while we have team
members in over 30 countries around the globe, we are currently focused on hiring for this role in Canada, Spain, Germany, France,
or the United Kingdom. Although we’re unable to provide visa sponsorship at this time, we welcome applications from all qualified
candidates who are legally authorized to work in these countries.
We know that a great hire won’t meet every requirement that we’ve outlined. If you can see yourself elevating the team, we want to
hear your story. Few of us would be here had we not taken a chance.
You can expect 5 interviews to follow the order below. Should you successfully move through the entire process you will have the
opportunity to meet with a variety of Upsunners. Our goal is to ensure you can make the most informed decision on whether this
role, and our culture aligns with what you’re looking for in your future working environment.
1. 45 Minutes with Talent Acquisition
2. 60 Minutes with Hiring Manager (Director, Risk & Audit)
3. 60 Minutes with Team (IC's)
4. 60 Minutes Cross Team (Leaders)
5. 45 Minutes with Executive (CFO)
All roles require background checks.
💡 A product you can believe in - Join us in transforming how businesses build and manage web applications, driven making a
positive impact as a proud B Corp.
🏆 An Award-Winning Workplace - We’ve been recognized by Forbes’ Top 30 Companies for Remote Jobs and France’s Best Workplaces for
Women.
🗣️ A culture that values your voice - Join a flexible, open, and inclusive work environment where your voice is encouraged, and
your ideas shape our growth and evolution.
🌎 A global team - Collaborate with colleagues from diverse backgrounds across the world, embracing different perspectives
🎉 Benefits and perks - Make the most of what matters to you
> 🏝 Flexible PTO
>
> 🩺 Comprehensive healthcare coverage (UK, Canada, France, Spain, USA)
>
> 📈 Company stock options
>
> 🧠 Professional development budget
>
> 💻 Office equipment budget
>
> 💆♀️ Wellness budget
>
> 🧳 Annual team gatherings
>
> 🛜 Internet reimbursement
>
> 👶 Inclusive parental leave
>
> ✈️ Remote work travel program
At Upsun, we celebrate diversity in all its forms and are committed to fostering an inclusive, equitable, and supportive workplace
where everyone can thrive. We embrace and value different perspectives, backgrounds, and experiences, because they make us
stronger as a team. Whoever you are, wherever you're from, and whatever path you've taken, you are welcome here. We encourage you
to bring your whole self to work, connect with others, and share your passion. If you need accommodations at any stage of our
hiring process, please let us know. We're here to ensure an accessible and comfortable experience for you.
ABOUT UPSUN (FORMERLY PLATFORM.SH) Upsun is the cloud application platform humans and robots love. It is built for today’s hybrid teams, where AI agents write and test code and humans focus on solving the problems that really matter. Developers, DevOps engineers, and platform teams use Upsun to build, ship, and scale confidently without wrestling with backend infrastructure. We give you your time back. You get: * Predictable performance, even at scale * Secure, compliant environments by default * Real-time observability and profiling built in * Cloning, configuration, and provisioning in seconds * AI-ready features that plug directly into your stack The name says it all. "Up" means uptime, reliability, and acceleration. "Sun" reflects our follow-the-sun-support, a 24x7, globally distributed support team keeping the lights on while you rest. Our core belief is that software should power brighter solutions and greater innovation. Upsunners are a remote, global workforce, and we thrive in a multicultural team. We are committed to open source and an open, welcoming environment. Our team spans the globe and the experience spectrum. What's our commonality, our cultural fabric? A curious spirit and a thirst for knowledge; an eagerness for innovative ideas and cultures. We believe we can build anything together in an environment that frees you to do your best work. Our values: 🌿 We make a positive impact. ✨ We aim for the stars. 💚 We care for each other. IMPACT OF AN IT SYSTEMS ENGINEER As an IT Systems Engineer you take the identity plane from working to well-run: automated, governed, and consistent, so access is correct by default, and our auditors find evidence rather than surprises. Reporting to the IT Director, you play a pivotal role in a growing internal IT department, driving the internal systems layer around identity—from our SaaS estate to Google Workspace. You are the person who makes identity quietly reliable: predictable, documented, and automated, while remaining flexible enough to support the wider IT function as our scaling remote organization evolves. WHAT TO EXPECT * Identity and access management: Own Okta as the backbone of how people get access, managing the app catalog (SSO integrations for new SaaS tools), policy management (MFA, device trust), and directory hygiene (Universal Directory, group management, breakglass access). Run identity day to day, refine our SSO and SCIM integrations, and keep joiner, mover, and leaver flows accurate from our HR system. * Lifecycle and access automation: Automate provisioning and deprovisioning so access is granted and revoked automatically, not by hand. Build and maintain workflows with tools like Okta Workflows and n8n, manage access configuration as code, and keep SCIM provisioning in sync with our HR system. * Process and governance: Structure and harmonize clear procedures around the identity plane, so access requests, approvals, and reviews follow one consistent, documented path instead of ad hoc steps. * Internal IT systems and SaaS administration: Own our internal systems end to end. Integrate, secure, and validate our SaaS stack, administer Google Workspace as our core collaboration suite, connect our tools through Okta and our HR system, and own the application validation process. * Compliance engineering: Implement and evidence access controls for ISO 27001 and SOC 2 Type 2 with our Security team, ensuring access reviews and audit logs are a by-product of well-built systems, not a quarterly scramble. * Endpoint and device management (shared): Partner on administrating Jumpcloud our MDM across macOS, Windows, and Linux, sharing endpoint and device management with our IT Operations and Endpoint Manager so coverage scales with the team. * Where the team needs you: We are a small, growing IT team, so scope will flex over time. You are happy to pick up adjacent systems work and support across the wider IT function as our needs evolve. WHAT YOU BRING * Identity expertise: Deep, hands-on experience with Okta or a comparable identity provider, including SSO, SCIM, lifecycle automation, and API-driven provisioning * IT Experience: Typically 5 or more years in IT systems, identity, or access engineering, including time in a developer-heavy or engineering-led environment. * Automation skills: You build automation with tools like Okta Workflows, n8n, or similar, you are comfortable with APIs and webhooks, and you script in Python or a comparable language. * Process optimization: You bring order to environments that grew quickly. You write clear procedures, standardize how things are done, and leave systems better documented than you found them. * SaaS-first operations: You have run and integrated a SaaS-based environment, where identity and APIs matter more than racks and networks. * Compliance fluency: You have worked inside ISO 27001 or SOC 2, ideally Type 2 where evidence is continuous, and you understand what auditors actually need. * Remote collaboration: You work well without close supervision in a fully remote team, and you communicate clearly with technical and non-technical colleagues alike * Google Workspace administration: We are a Google shop, so hands-on Google Workspace administration is core to this role: users, groups, policies, and security settings. * Working style: You are comfortable wearing several hats in a small IT team, picking up adjacent systems and endpoint work, and flexing as priorities shift. BONUS POINTS * Comfort managing configuration through Git-based workflows, or infrastructure as code with Terraform. * Professional proficiency in French. WHERE WE HIRE At Upsun, remote work isn't just a trend - it's our foundation. The freedom of remote work with the support of a diverse, global team has been our successful model for over a decade. Our culture celebrates flexibility and collaboration, and while we have team members in over 30 countries around the globe, we are currently focused on hiring for this role in Canada, France, Germany, Spain, and the United Kingdom. Although we’re unable to provide visa sponsorship at this time, we welcome applications from all qualified candidates who are legally authorized to work in these countries. HOW WE HIRE We know that a great hire won’t meet every requirement that we’ve outlined. If you can see yourself elevating the team, we want to hear your story. Few of us would be here had we not taken a chance. You can expect 4 interviews on Google Meet to follow the order below. Should you successfully move through the entire process you will have the opportunity to meet with a variety of Upsunners. Our goal is to ensure you can make the most informed decision on whether this role, and our culture aligns with what you’re looking for in your future working environment. 1. 45 Minutes with Talent Acquisition 2. 60 Minutes with Hiring Manager (Director, IT) 3. 60 Minutes with Team (Senior Director, Site Reliability Engineering & Senior IT Manager) 4. 45 Minutes with Executive (Senior Director, FP&A & IT) All roles require background checks. WHAT WE OFFER 💡 A product you can believe in - Join us in transforming how businesses build and manage web applications, driven making a positive impact as a proud B Corp. 🏆 An Award-Winning Workplace - We’ve been recognized by Forbes’ Top 30 Companies for Remote Jobs and France’s Best Workplaces for Women. 🗣️ A culture that values your voice - Join a flexible, open, and inclusive work environment where your voice is encouraged, and your ideas shape our growth and evolution. 🌎 A global team - Collaborate with colleagues from diverse backgrounds across the world, embracing different perspectives 🎉 Benefits and perks - Make the most of what matters to you > 🏝 Flexible PTO > > 🩺 Comprehensive healthcare coverage (UK, Canada, France, Spain) > > 📈 Company stock options > > 🧠 Professional development budget > > 💻 Office equipment budget > > 💆♀️ Wellness budget > > 🧳 Annual team gatherings > > 🛜 Internet reimbursement > > 👶 Inclusive parental leave > > ✈️ Remote work travel program YOU BELONG HERE At Upsun, we celebrate diversity in all its forms and are committed to fostering an inclusive, equitable, and supportive workplace where everyone can thrive. We embrace and value different perspectives, backgrounds, and experiences, because they make us stronger as a team. Whoever you are, wherever you're from, and whatever path you've taken, you are welcome here. We encourage you to bring your whole self to work, connect with others, and share your passion. If you need accommodations at any stage of our hiring process, please let us know. We're here to ensure an accessible and comfortable experience for you.
🚀 We’re on a mission to make money work for everyone. We’re waving goodbye to the complicated and confusing ways of traditional banking. After starting as a prepaid card, our product offering has grown a lot in the last 10 years in the UK. As well as personal and business bank accounts, we offer joint accounts, accounts for 16-17 year olds, a free kids account and credit cards in the UK, with more exciting things to come beyond. Our UK customers can also save, invest and combine their pensions with us. With our hot coral cards and get-paid-early feature, combined with financial education on social media and our award winning customer service, we have a long history of creating magical moments for our customers! We’re not about selling products - we want to solve problems and change lives through Monzo ❤️ ---------------------------------------------------------------------------------------------------------------------------------- 📍Dublin, Ireland | 💰 €92,000 - €112,000, Incentive Awards tied to your performance ➕benefits | Hear from the team ✨ ⭐Our Risk team This role sits within our 2nd line of defence risk management team. Acting as a senior technical specialist within the Financial Risk function, it will involve supporting the Director in delivering robust oversight across several financial risk disciplines. The role has a strong focus on IRRBB, capital adequacy and stress testing (ICAAP), and liquidity and balance sheet risk (ALM), ensuring that frameworks, models, and methodologies are fit-for-purpose, compliant, and aligned with regulatory expectations. The role you are applying for is a Controlled Function (CF-2) within the meaning of the Central Bank Reform Act, 2010. For this role, appointment will be conditional on Monzo being fully satisfied that the appointee meets the requirements as set out in the Fitness and Probity Standards issued by the Central Bank of Ireland. As a CF, the role holder will be subject to Conduct Standards under the Central Bank of Ireland Individual Accountability Framework (IAF) and will be required to take reasonable steps to ensure that the relevant conduct standards are met. 🔑You’ll play a key role by… Driving delivery of the Financials Risk Functions objectives across the following areas of responsibility: Technical Leadership – Financial Risk Models & IRRBB * Leading independent 2LoD validation and review of financial risk models, with a focus on; Interest Rate Risk in the Banking Book (IRRBB), behavioural models (e.g. deposits, prepayments) and hedging strategies and valuation approaches * Assessing model design, assumptions, limitations, and performance, ensuring alignment with regulatory expectations (e.g. EBA IRRBB guidelines) * Providing independent technical challenge to first line model development and usage * Overseeing overarching model governance, including validation cycles, documentation standards, and model risk controls * Supporting development and enhancement of IRRBB measurement methodologies (e.g. EVE, NII metrics) Capital Adequacy, ICAAP & Stress Testing * Playing a leading role in ICAAP development, review, and ongoing enhancement * Providing independent oversight and challenge of; capital adequacy assessments, risk quantification methodologies, scenario design and stress testing frameworks and risk appetite calibration * Designing and reviewing stress testing scenarios (macroeconomic, idiosyncratic, reverse stress) * Assessing capital planning and forecasting, including base and stressed balance sheet projections * Ensuring ICAAP documentation meets regulatory standards and audit expectations * Supporting interactions with regulators on capital-related topics Liquidity Risk & Treasury Oversight (ALM) * Providing 2LoD oversight of liquidity risk and funding frameworks, including ILAAP and liquidity risk metrics (LCR, NSFR, survival horizon) * Reviewing and challenging Treasury activities, including; balance sheet management, funding strategies and wholesale credit exposures * Assessing assumptions underpinning liquidity stress testing and contingency funding plans * Providing oversight of ALM practices, including interest rate positioning and structural hedging * Supporting review of Recovery Plan and Solvent Wind Down (SWD) from a liquidity and funding perspective Risk Monitoring, Reporting & Regulatory Submissions * Leading production and independent review of financial risk MI (capital, liquidity, IRRBB), stress testing outputs and sensitivity analysis * Reviewing and challenging key regulatory submissions, including; ICAAP and ILAAP, pillar 3 disclosures, recovery plan and SWD * Ensuring data integrity, traceability, and auditability of risk outputs * Identifying emerging risks and escalate material issues appropriately Business Partnering & Expert Challenge * Acting as a technical advisor to Treasury, Finance, and Risk teams * Providing credible and constructive challenge on methodologies, assumptions, and decision-making * Supporting the embedding of robust financial risk practices across the organisation * Contributing technical expertise to strategic initiatives (e.g. product launches, balance sheet optimisation) Governance & Committees * Supporting preparation of materials for ALCO and Executive and Board Risk Committees * Presenting technical analysis and insights where required * Supporting escalation and documentation of key financial risk issues Regulatory & Control Environment * Ensuring alignment with CBI, EBA, and other applicable prudential regulations alongside internal financial risk frameworks and policies * Supporting adherence to fitness & Probity standards and individual Accountability Framework (IAF) Conduct Standards * Maintaining high standards of documentation, controls, and audit readiness 🤩 We’d love to hear from you if you have…… * Strong technical expertise in one or more of IRRBB modelling and measurement, capital adequacy and ICAAP, liquidity risk and ALM * Experience in model validation, quantitative analysis, or risk methodology development * Deep understanding of prudential regulation (CRR/CRD, EBA guidelines, ICAAP/ILAAP expectations) * Strong analytical and problem-solving skills with attention to detail * Ability to challenge effectively and communicate complex concepts clearly to senior stakeholders * Experience working with Treasury, Finance, or Risk teams in a banking environment 🙌What’s in it for you 💰A salary range of €92,000 - €112,000 ➕Incentive Awards tied to your performance. 📍This role will have a hybrid working model, based in our Dublin office 2 - 3 days a week. ⏰We offer flexible working hours and trust you to work enough hours to do your job well, and at times that suit you and your team. 🏝 Annual Leave - 34 days including public holidays (24 holiday days + 10 public holidays) 📚€1,200 learning budget each year to use on books, training courses and conferences. 🏥Private healthcare scheme 💰Pension scheme: the minimum contribution is 4% and Monzo matches any additional contributions that you make up to a maximum of 6% 💛Wellbeing benefits: financial education, women’s and men’s health support, mental health benefits, including coaching and counselling 🌈 The application journey has 4 key steps * An introductory call with a member of the Monzo Recruitment team * An initial call with the hiring manager * A series of role specific, behavioural & leadership principles interviews * Final stage interview This process should take around 3-4 weeks - your schedule is really important to us, so we promise to be as flexible as possible! We have some guidelines on using Artificial Intelligence (AI) to ace an application and interview at Monzo. You can read them here. We’ll only close this role once we have enough applications for the next stage. Please submit your application as soon as possible to make sure you don’t miss out. #LI-ÉS1 ---------------------------------------------------------------------------------------------------------------------------------- Equal opportunities for everyone Diversity and inclusion are a priority for us and we’re making sure we have lots of support for all of our people to grow at Monzo. At Monzo, we’re embracing diversity by fostering an inclusive environment for all people to do the best work of their lives with us. This is integral to our mission of making money work for everyone. You can read more in our blog, 2026 Diversity and Inclusion Report and 2025 Gender Pay Gap Report. We’re an equal opportunity employer. All applicants will be considered for employment without attention to age, ethnicity, religion, sex, sexual orientation, gender identity, family or parental status, national origin, or veteran, neurodiversity or disability status. If you have a preferred name, please use it to apply. We don't need full or birth names at application stage 😊
💬 ACCURX IS SOLVING HEALTHCARE PRODUCTIVITY FOR THE NHS. For decades, the NHS has struggled with fragmented systems that make simple tasks feel impossible. At Accurx, we’re changing that by building a single, system-wide platform that helps every patient get gold-standard, efficient, and joined-up care. What started as a way for GPs to text a patient has now evolved into an all-in-one digital toolkit used by 98% of GP practices. Our platform now powers Total Triage to manage patient demand, and Self-Book, which lets patients schedule their own appointments in seconds. We’ve automated routine care with Patient Questionnaires for long-term conditions, while Accumail finally allows staff-to-staff communication to happen instantly across different care settings. We’re now pushing the boundaries of the consultation itself with Accurx Scribe, our AI-powered note-taker that drafts medical notes in real-time. We’re not just shipping features. We’re giving clinicians their time back and ensuring every patient journey is as smooth as it should be. HOW THIS ROLE SITS WITHIN THE FUNCTION * Reports to: Senior Information Security Officer * Function: Privacy & Information Security * Contract type: Six-month fixed-term contract This role works day-to-day alongside the Senior Information Security Officer, who owns the GRC framework, ISO 27001 programme, CE+ and DSPT compliance, and the security risk register. It provides dedicated capacity to push forward priority workstreams - particularly risk management, CE+ audit readiness, and data strategy delivery. CHALLENGES YOU’LL SOLVE... * Own the security risk register: Facilitate risk assessment sessions with technical and non-technical stakeholders across the business, keep the register current and accurate, and prepare clear risk reporting that translates technical risk into business language. * Drive Cyber Essentials Plus readiness: Coordinate evidence gathering across IT, Platform and Security Engineering ahead of the CE+ deep-dive audit, reviewing controls against requirements and flagging gaps with practical remediation guidance. * Deliver our data classification programme: Work with data owners to classify information assets in line with policy, and push the access control programme forward by reviewing current access patterns and identifying gaps. * Keep risk treatment moving: Track risk treatment actions and follow up with owners so items progress rather than stall, managing milestones and blockers across the risk, CE+, and data workstreams. * Support the wider security programme: Contribute to ISO 27001 and DSPT activities where your work intersects, including evidence collection and control documentation, and support policy and process documentation as needed. * Be a translator between security and the business: Communicate security requirements clearly to engineers, and help non-technical stakeholders understand risk well enough to act on it. YOU SHOULD APPLY IF... * You have 3–5 years of hands-on experience in information security and risk management, ideally in health-tech or a regulated SaaS environment. * You've run risk sessions, owned a risk register, and prepared risk reporting for senior stakeholders * You've worked through a Cyber Essentials Plus audit cycle yourself * You understand cloud infrastructure, endpoint management, identity and access controls, and network boundaries well enough to hold your own in a technical conversation - you don't need to be a developer. * You have working knowledge of ISO 27001 and Cyber Essentials Plus, and know what "proportionate" looks like in a fast-moving product company. * You write and communicate clearly, structuring your thinking logically so people know what's expected of them and why. * You're comfortable working at pace and without extensive hand-holding, managing your own workload and flagging blockers early. * You care about what Accurx does, and understand that the data we protect belongs to patients and clinicians who trust us with it. WHAT’S IN IT FOR ME? You'll be joining an established but fast-growing Tech for Good movement, led by our Principles and our mission to solve healthcare productivity. * £50k salary * Benefits to suit you: adjust your healthcare cover, your pension or life insurance, whatever stage you’re at in life * Flexible working: We are an office-first culture and ask that you’re in our (dog-friendly) Shoreditch office 3 days a week, with core hours of 10 am - 4 pm * Time off: You’ll get 28 days of holiday (plus bank holidays) and up to 4 weeks to work from anywhere per year * We have our very own Chef! Free healthy breakfasts, snacks and lunches will be provided, with the occasional sweet treat!