Senior Information Security Manager

Senior Information Security Manager

Full-Time 70000 - 90000 £ / year (est.) Home office (partial)
ebury anz

At a Glance

  • Tasks: Lead global governance, risk, and compliance initiatives in a dynamic fintech environment.
  • Company: Join Ebury, a high-growth fintech helping businesses unlock global growth.
  • Benefits: Competitive salary, mentorship, cutting-edge tech, and generous benefits package.
  • Other info: Central Madrid office with excellent transport links and clear career progression.
  • Why this job: Shape the future of security in a collaborative and supportive culture.
  • Qualifications: 5+ years in Information Security with strong knowledge of regulations and risk management.

The predicted salary is between 70000 - 90000 £ per year.

Ebury helps ambitious businesses unlock global growth, and we take the same approach with our people. We encourage innovation and movement, collaboration and problem‑solving, and foster an environment where everyone can feel they belong, are valued, supported and empowered to succeed. If you’re a collaborator who wants to help transform how businesses operate globally, get in touch – we’d love to discuss how Ebury can accelerate your career so you can shape the future.

Ebury is seeking a high‑caliber Information Security & GRC Manager to spearhead our global governance, risk, and compliance initiatives. This role is for a seasoned professional who thrives on owning programs rather than just executing tasks. You will act as the primary architect of our security frameworks, ensuring our ISMS is audit‑ready and serves as a strategic enabler for Ebury’s global expansion. You will be the bridge between technical security requirements and business risk, providing expert guidance on complex regulatory landscapes. This is an opportunity to be a strategic part of an experienced infosec team at a high‑growth fintech scale‑up.

What you’ll do

  • Governance & Compliance (BAU)
  • GRC Strategy & Architecture: Design, implement, and mature our global GRC framework, collaborating with other teams to align it with ISO 27001, NIST, GDPR, and DORA.
  • Risk Management Lifecycle: Own the risk assessment process – lead the quantification and communication of risk to business stakeholders to drive informed decision‑making.
  • Audit Ownership: Lead and manage external audits as the primary liaison. This includes overseeing the remediation of findings and ensuring we remain continuously compliant across multiple jurisdictions.
  • TPRM Leadership: Mature our Third‑Party Risk Management program. Define the standards for vendor security and ensure high‑impact partners meet Ebury’s rigorous risk appetite.
  • Regulatory Horizon Scanning: Proactively monitor the evolving fintech regulatory landscape (e.g., EU AI Act, NIS2, regional cyber laws) and design the roadmaps to ensure Ebury remains ahead of the curve.
  • Strategic Projects & Process Maturation
  • GRC Automation: Lead the selection and full‑scale implementation of automated GRC platforms to establish automation and robustness in GRC operations.
  • Strategic Advisory: Act as a high‑level consultant for new product launches and international expansions, ensuring "Security by Design" is baked into strategic business moves.
  • Cultural Leadership: Design and champion advanced security awareness programs that focus on shifting organizational behavior through metrics‑driven insights.

What you’ll need

  • 5+ years of experience in Information Security, GRC, or Risk Management roles
  • Strong knowledge of information security standards and regulations (ISO 27001, SOC 2, GDPR, FCA/DORA, NIST, etc.).
  • Analytical skills: Ability to assess a "Security Exception", experience with regulatory audits and working with financial regulators.
  • Hands‑on experience implementing risk management processes, control frameworks, and security metrics.
  • Familiarity with GRC or risk platforms (e.g. OneTrust).
  • Team player with exceptional communication and stakeholder management skills.
  • Industry certifications such as CISSP, CRISC, CISA, or ISO 27001. Lead Implementer/Auditor are preferred.

Why Ebury?

  • Competitive Starting Salary with an annual discretionary bonus that truly rewards your performance from day one.
  • Dedicated Mentorship: Learn directly from experienced managers who are invested in your success.
  • Cutting‑Edge Technology: Leverage state‑of‑the‑art, tailor‑made tools and systems that enable you to perform at your best.
  • Clear, Accelerated Career Progression: Defined pathways to leadership and specialist roles within Ebury.
  • Dynamic & Supportive Culture: Work in a collaborative environment where teamwork and personal growth are prioritized.
  • Generous Benefits Package: Access competitive benefits tailored to your location, which typically include health care and social benefits.
  • Central Madrid Office: A fantastic location with excellent transport links.

Senior Information Security Manager employer: ebury anz

Ebury is an exceptional employer that prioritises the growth and well-being of its employees, offering a dynamic and supportive culture where collaboration and innovation thrive. With a competitive salary, dedicated mentorship, and clear pathways for career progression, Ebury empowers its team members to excel in their roles while enjoying the vibrant atmosphere of central Madrid. The company's commitment to cutting-edge technology and generous benefits further enhances the rewarding experience of working in a high-growth fintech environment.

ebury anz

Contact Details:

ebury anz Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Senior Information Security Manager

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including ebury anz, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through ebury anz

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at ebury anz. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Senior Information Security Manager

Information Security
Governance, Risk, and Compliance (GRC)
ISO 27001
NIST
GDPR
Risk Management
Audit Management

Some tips for your application 🫡

Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at ebury anz insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to ebury anz that you’re committed to staying ahead in the game.

How to prepare for a job interview at ebury anz

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at ebury anz to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at ebury anz.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.