emerchantpay

emerchantpay

emerchantpay specializes in providing seamless and secure online, mobile, and in-store payment processing solutions, along with risk and fraud management services, to help merchants enhance their conversion rates and expand their customer reach globally.

Diversified Financial Services
251-1K
Founded 2002

Description

  • Define and maintain the information security strategy, standards, and roadmap in line with regulations and security best practices.
  • Steer security architecture for a cloud-native environment, including secure-by-design patterns for microservices, APIs, and shared platform services.
  • Establish and govern secure SDLC practices and embed automated security controls into CI/CD pipelines.
  • Define and drive cloud security guardrails across identity, network segmentation, encryption, secrets management, and configuration baselines.
  • Build and operate security monitoring, logging, and threat detection across cloud, infrastructure, and application layers.
  • Lead the security incident response lifecycle and act as incident commander for security events.
  • Own vulnerability and threat management, including scanning, prioritization, remediation tracking, and reporting.
  • Plan and coordinate penetration testing and offensive-security exercises and drive findings to closure.
  • Govern identity and access management, privileged access, and least-privilege principles across cloud and corporate systems.
  • Oversee data protection controls, corporate IT security, security awareness, audit evidence, team leadership, and security posture reporting.

Requirements

  • Bachelor’s or master’s degree in computer science, information security, or a related field, or equivalent practical experience.
  • At least 10 years in information / cyber security, including 2-3 years in a leadership role.
  • Hands-on experience securing cloud-native environments at scale.
  • Deep public-cloud security knowledge, with AWS strongly preferred.
  • Strong experience securing DevOps / CI/CD pipelines and modern microservices architectures, including containers, APIs, and infrastructure-as-code.
  • Working knowledge of application security and secure SDLC across modern programming languages and web frameworks.
  • Hands-on experience with security operations, incident response, and vulnerability management.
  • Solid understanding of ISO 27001, PCI DSS, SOC 2, and NIST CSF.
  • Working AI security literacy, including use of AI-assisted security tooling and securing AI/LLM and agentic applications.
  • Excellent verbal and written communication skills, fluent English, and the ability to influence engineers with data and best practices.
  • Professional certification such as CISSP, CCSP, OSCP, AWS Security Specialty, or CISM is an advantage.
  • Experience in payments, fintech, banking, or another regulated environment is an advantage.
  • Familiarity with operational-resilience expectations, such as DORA-style requirements, is an advantage.
  • Experience standing up a security function is an advantage.

Benefits

  • Fast-growing payment company.
  • Excellent working conditions, casual atmosphere, and state-of-the-art hardware.
  • Modern, challenging, and constantly growing business.
  • Professional development support, including books, trainings, and certifications.
  • Team buildings and fun activities.
  • 25 days paid holiday, plus 1 additional day for every 2 years with the company.
  • Fully distributed and remote work.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Associate, Compliance

GLG 5K-10K Professional Services

GLG is hiring a Compliance Senior Analyst in Shanghai to support expert screening, compliance surveillance, and day-to-day policy guidance for internal teams across China-related engagements.

10 hours, 29 minutes ago

Compliance Analyst - Freelance AI Trainer

Mindrift.ai: Be the “I” in AI Internet Software & Services

Mindrift is seeking project-based compliance contributors to test, evaluate, and improve AI systems through regulatory analysis and documentation work.

11 hours, 14 minutes ago

Compliance Analyst - Freelance AI Trainer

Mindrift.ai: Be the “I” in AI Internet Software & Services

Mindrift is seeking part-time contributors for project-based AI work focused on testing, evaluating, and improving compliance-related AI systems for leading tech companies.

11 hours, 29 minutes ago

Compliance Analyst - Freelance AI Trainer

Mindrift.ai: Be the “I” in AI Internet Software & Services

Mindrift is seeking part-time, project-based compliance contributors to test and document AI-related regulatory scenarios for leading tech companies.

11 hours, 29 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers