Information Security Governance Manager in Tipton

At EBANX, you’ll help expand access to payments and technology in some of the world’s most dynamic markets. We’re a unicorn-status fintech, AI-powered, and scaling fast across 29 countries and counting. Our platform connects leading global companies to more than 1 billion consumers, enabling seamless cross-border payments where it matters most. We build with purpose, move with speed, and create solutions that are both innovative and inclusive. If you’re looking to be part of a company that’s transforming the future of payments with clarity, ambition, and real-world impact — we’d love to meet you.

Responsibilities

• Lead and develop a high-performing Information Security team focused on Risk Management and Security Governance.
• Drive the identification, assessment, prioritization, and treatment of information security risks, ensuring clear visibility and effective communication of risk exposure to senior leadership.
• Oversee the implementation, maintenance, and continuous improvement of compliance programs and certifications, including ISO/IEC 27001, ISO/IEC 27701, ISO/IEC 27018, and PCI DSS.
• Define and maintain the Information Security governance framework, including policies, standards, procedures, and control oversight.
• Coordinate internal and external audits, security assessments, and the execution of remediation and risk treatment plans.
• Define, monitor, and report security KPIs, KRIs, and program effectiveness metrics, providing actionable insights to business and executive stakeholders.
• Drive the organization's security awareness and culture strategy through training programs, phishing simulations, targeted campaigns, and employee engagement initiatives.
• Partner with cross‑functional teams (Legal, Risk, HR, Engineering, Product, and Compliance) to embed security and risk management practices into business processes and strategic initiatives.
• Ensure security requirements are incorporated into new products, services, vendors, and third‑party relationships from the earliest stages of engagement.
• Provide regular reporting on security governance, compliance status, risk landscape, and strategic initiatives to leadership and relevant governance forums.
• Foster a culture of accountability, continuous improvement, and security‑first decision‑making across the organization.

Qualifications

• Proven experience leading teams, with the ability to motivate, coach, and develop people.
• Strong expertise in Information Security Risk Management, including risk identification, assessment, prioritization, treatment, and executive‑level reporting.
• Deep knowledge of Information Security Governance and Compliance, including risk management, internal controls, and security frameworks.
• Hands‑on experience with global standards and certifications such as ISO/IEC 27001, ISO/IEC 27701, ISO/IEC 27018, and PCI DSS.
• Strong communication skills, with the ability to translate technical risks into business impacts for both technical and executive audiences.
• Proven track record managing audits, assessments, and external regulatory demands.
• Analytical mindset with a business‑oriented approach, connecting security decisions, risk exposure, and compliance requirements with strategic goals.
• Experience designing and running awareness programs that go beyond checklists and truly shift culture.
• Passion for innovation and AI‑driven efficiency, with a proactive approach to leveraging AI and automation to optimize processes, reduce operational overhead, and enhance operational effectiveness.
• Advanced English – you’ll often interact with international stakeholders.

Bonus Points

• Advanced certifications in Information Security, Risk Management, or Governance, such as ISO/IEC 27001 Lead Auditor/Lead Implementer, CRISC, CISM, CISSP, or similar.
• Experience working in global or multicultural environments, with distributed teams and international operations.
• Familiarity with additional governance and risk frameworks such as NIST CSF, COBIT, SOX, or third‑party risk management programs.
• Knowledge of cloud security standards (e.g., AWS, GCP, Azure) and secure development practices.
• Hands‑on experience with awareness platforms (e.g., KnowBe4, Wombat, MetaCompliance) and phishing simulation tools.
• Experience presenting security and risk topics to executive committees, boards, or senior leadership forums.
• Previous involvement in security incident response, including coordination and post‑incident reviews.
• Passion for building a security culture, storytelling, and engaging people in non‑technical areas.
• Hands‑on experience using Artificial Intelligence (AI) or Machine Learning to automate governance processes, enhance risk analysis, streamline controls management, or improve compliance monitoring.

Benefits

• WAVES Program: Annual bonuses based on the company’s performance.
• Meal/Food Allowance: Credit provided on a flexible benefits card.
• EBANX Education: Financial support for undergraduate, graduate, and MBA programs to support your professional growth.
• EBANX Skills: Budget dedicated to workshops, courses, and certifications to encourage your continuous development.
• Language Classes: Spanish, English, and Portuguese lessons for your personal and professional development.
• EBANX Health: Comprehensive medical and dental plans fully covered for the employee, plus subsidies for dependents to take care of your and your family’s well‑being.
• EBANX Family: Childcare assistance, extended parental leave for caregivers, and support programs for pregnant employees and children.
• Life Insurance: Fully paid by EBANX.
• Transportation: Parking assistance or transportation vouchers, depending on your needs.
• EBANX Flexible: A special day off on your birthday, semi‑flexible working hours (8 hours/day, Monday to Friday), and year‑end recess between Christmas and New Year’s without affecting your vacation days.
• EBANX Play: Well‑being program including access to Wellhub, e‑Sports, and partnerships with SESC.
• Blue Club: Exclusive discounts at bakeries, restaurants, stores, courses, and more.

We believe it is possible to create a diverse, equal and inclusive environment.