RemoteLeaf Logo
Log in Sign up

InfoSec Manager

2 weeks, 1 day ago
United Kingdom, Philippines
Full-time
Lead
Security Engineer
DevOps and Infrastructure
Azure Penetration Testing SOC Terraform
Apply Now
First Circle

First Circle

First Circle is a leading FinTech company offering non-collateral business loans up to ₱20 million to SMEs in Southeast Asia, enabling rapid growth through B2B trade financing.

Diversified Financial Services
51-250
Founded 2015
$28M raised
View All Jobs

Description

  • Define the security strategy, priorities, and operating model aligned to business goals.
  • Own ISO 27001 certification from scoping through audit completion.
  • Implement and manage external penetration testing and remediation, ensuring findings are closed or formally risk-accepted.
  • Stand up and oversee the MSSP and SOC, including alerting, SLA tracking, and escalation processes.
  • Design, implement, and maintain security policies, standards, and procedures aligned with global standards and local regulations.
  • Embed secure-by-design practices into engineering and product development in collaboration with engineering and DevOps teams.
  • Lead vulnerability management, including regular scanning, prioritisation, and remediation tracking.
  • Build and maintain the security risk register for internal, external, vendor, and supply chain risks.
  • Develop security awareness and training programs, including phishing simulations and incident response drills.
  • Own incident response, third-party risk management, and cybersecurity engagement with regulators and payment/security frameworks.

Requirements

  • Experience building a security function from scratch in a regulated fintech, payments business, or bank.
  • Hands-on security leadership experience, not just advisory or consulting experience.
  • Experience taking an organisation through ISO 27001 as the responsible owner.
  • Experience leading a Sev-1 incident from initial response through post-mortem.
  • Experience selecting, standing up, and tuning an MSSP, including dismissing an underperforming vendor if needed.
  • Experience writing IAM policy that works in a real engineering environment.
  • Azure-native experience and the ability to work directly in cloud consoles and read Terraform.
  • Ability to contribute hands-on in code and debugging; this role is not for someone whose last line of code was more than 5 years ago.
  • Certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer/Auditor are preferred as useful signals.
  • Experience working with regulated banks, card processors, payment rails, KYC providers, or similar third-party risk environments is important.

Benefits

  • Competitive compensation with no fixed budget; offers are adjusted based on experience and market rate.
  • Equity ownership in a fast-growing, profitable NeoBank.
  • Flexible working hours and location, with remote work available.
  • Optional access to offices in London, Manila, Singapore, Hong Kong, and Belgrade.
  • MacBook provided.
  • Private health insurance.
  • Training budget and other perks.
  • Periodic travel to headquarters in Southeast Asia.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Smart Working

Anti-Bot Engineer (Remote, Full-Time) [HR177]

Smart Working Internet Software & Services

Smart Working is hiring a senior Anti-Bot Engineer to build and operate large-scale web scraping systems that reliably extract data from highly protected, fast-changing websites.

India Full-time Senior Backend Engineer Security Engineer
Docker Go HTTP JavaScript Kubernetes Playwright Puppeteer Python Rust Selenium
1 hour, 37 minutes ago
Your Business

Senior Microsoft 365 Engineer

Your Business Internet Software & Services

NRI North America is hiring a Senior Microsoft 365 Engineer to support managed services clients remotely by resolving escalations and optimizing Microsoft 365 environments, with a primary focus on M365 security.

Anywhere Full-time Senior Cloud Engineer Security Engineer
$75k-$95k
Active Directory PowerShell
1 hour, 44 minutes ago
Civica

Cyber Security Strategist

Civica 1K-5K Internet Software & Services

Civica is seeking a Cyber Security Strategist to shape security architecture, integration, and governance across its enterprise and cloud environments supporting critical public services.

India Full-time Lead Security Engineer
AWS Azure Cybersecurity DevSecOps Docker GCP GitHub Kubernetes WAF
2 hours, 5 minutes ago
JumpCloud

Security Engineer, DevSecOps - Mexico

JumpCloud 251-1K Internet Software & Services

JumpCloud is hiring a remote Security Engineer for its DevSecOps team in Mexico to design and build cloud security automation, detection, and vulnerability management solutions that protect the company’s data and infrastructure.

Mexico Full-time Mid Level Security Engineer
AWS DevSecOps GCP GitHub Actions Go Python SIEM Terraform
4 hours, 6 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers