Information Security Lead

2 hours, 29 minutes ago
Full-time
Lead
DevOps and Infrastructure
emerchantpay

emerchantpay

emerchantpay specializes in providing seamless and secure online, mobile, and in-store payment processing solutions, along with risk and fraud management services, to help merchants enhance their conversion rates and expand their customer reach globally.

Diversified Financial Services
251-1K
Founded 2002

Description

  • Define and maintain the information security strategy, standards, and roadmap aligned with regulations and security best practices.
  • Steer security architecture for a cloud-native environment and define secure-by-design patterns for microservices, APIs, and platform services.
  • Establish and govern secure SDLC practices and embed automated security controls into CI/CD pipelines.
  • Define and drive cloud security guardrails across identity, network segmentation, encryption, secrets management, and configuration baselines.
  • Build and run security monitoring, logging, and threat detection across cloud, infrastructure, and application layers.
  • Lead the security incident response lifecycle and act as incident commander for security events.
  • Own vulnerability and threat management, including scanning, prioritization, remediation tracking, and reporting.
  • Plan and coordinate penetration testing and offensive-security exercises and drive findings to closure.
  • Govern identity and access management, privileged access, and least-privilege principles across cloud and corporate systems.
  • Secure corporate IT and office infrastructure, including endpoints, networks, and collaboration platforms.
  • Partner with Engineering and DevOps to support threat modelling, design reviews, tooling, and secure delivery practices.
  • Implement and evidence technical security controls for PCI DSS, ISO 27001, and SOC audits.
  • Run security awareness and phishing-resilience programs.
  • Build, lead, and mentor a small security team.
  • Report on security posture, key risks, and metrics.

Requirements

  • Bachelor’s or master’s degree in computer science, information security, or a related field, or equivalent practical experience.
  • At least 10 years of experience in information or cyber security, including 2-3 years in a leadership role.
  • Hands-on experience securing cloud-native environments at scale.
  • Deep public-cloud security knowledge, with AWS strongly preferred.
  • Strong experience securing DevOps / CI/CD pipelines and modern microservices architectures, including containers, APIs, and infrastructure-as-code.
  • Working knowledge of application security and secure SDLC across modern programming languages and web frameworks.
  • Hands-on experience with security operations, incident response, and vulnerability management.
  • Solid understanding of ISO 27001, PCI DSS, SOC 2, and NIST CSF.
  • Working AI security literacy, including use of AI-assisted security tooling and practical understanding of securing AI/LLM and agentic applications.
  • Excellent verbal and written communication skills, fluent English, and ability to influence engineers with data and logic.
  • Professional certification such as CISSP, CCSP, OSCP, AWS Security Specialty, or CISM is an advantage.
  • Experience in payments, fintech, banking, or another regulated environment is an advantage.
  • Familiarity with operational-resilience expectations such as DORA-style requirements is an advantage.
  • Experience standing up a security function is an advantage.

Benefits

  • Fast-growing payment company.
  • Excellent working conditions, a casual atmosphere, and state-of-the-art hardware.
  • Modern, challenging, and constantly growing business.
  • Professional development support, including books, trainings, and certifications.
  • Team buildings and fun activities.
  • 25 days of paid holiday, plus 1 additional day for every 2 years with the company.
  • Fully distributed and remote work arrangement.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Senior Systems Engineer - Email Deliverability & Infrastructure

Mission Inbox 1-10 Professional Services

Senior Systems Engineer for a fully remote global team focused on managing and protecting high-availability email transmission infrastructure and deliverability operations.

DNS HAProxy Linux PostgreSQL TCP/IP
2 hours, 29 minutes ago

Senior AI Security Engineer

Panorama Education 251-1K Diversified Consumer Services

Panorama Education is seeking a Senior AI Security Engineer to secure its internal AI systems, external AI integrations, and governance practices for a K-12 student data platform.

Secrets Management
2 hours, 44 minutes ago

Senior Software Engineer (Go) - AI Resilience & Security Enhancements (Contract)

Form3 251-1K Diversified Financial Services

Form3 is hiring a Senior Software Engineer to help deliver security and resilience initiatives for its cloud-native payments platform in a remote, collaborative engineering environment.

AWS Azure BDD CI/CD CockroachDB Elasticsearch Flux GCP GitHub Go HashiCorp Vault Java Kubernetes Microservices Prometheus TDD Terraform
2 hours, 59 minutes ago

Security Software Engineer II, Detection and Response

Pinterest 5K-10K Internet Software & Services

Pinterest is hiring an experienced Security Engineer to improve detection and response for threats against its employees and infrastructure in a modern cloud-first environment.

Go Linux macOS Network Security Python Ruby SIEM TCP/IP Unix
2 hours, 59 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers