Senior Information Security Manager in London

Ebury helps ambitious businesses unlock global growth, and we take the same approach with our people. We encourage innovation and movement, collaboration and problem-solving, and foster an environment where everyone can feel they belong, are valued, supported and empowered to succeed. If you’re a collaborator who wants to help transform how businesses operate globally, get in touch - we’d love to discuss how Ebury can accelerate your career so you can shape the future.

Ebury is seeking a high-caliber Information Security & GRC Manager to spearhead our global governance, risk, and compliance initiatives. This role is for a seasoned professional who thrives on owning programs rather than just executing tasks. You will act as the primary architect of our security frameworks, ensuring our ISMS is audit-ready and serves as a strategic enabler for Ebury’s global expansion. You will be the bridge between technical security requirements and business risk, providing expert guidance on complex regulatory landscapes. This is an opportunity to be a strategic part of an experienced infosec team at a high-growth fintech scale-up.

What you’ll do

• Governance & Compliance (BAU)

• GRC Strategy & Architecture: Design, implement, and mature our global GRC framework, collaborating with other teams to align it with ISO 27001, NIST, GDPR, and DORA.
• Risk Management Lifecycle: Own the risk assessment process - you will lead the quantification and communication of risk to business stakeholders to drive informed decision-making.
• Audit Ownership: Lead and manage external audits as the primary liaison. This includes overseeing the remediation of findings and ensuring we remain continuously compliant across multiple jurisdictions.
• TPRM Leadership: Mature our Third-Party Risk Management program. You will define the standards for vendor security and ensure high-impact partners meet Ebury’s rigorous risk appetite.
• Regulatory Horizon Scanning: Proactively monitor the evolving fintech regulatory landscape (e.g., EU AI Act, NIS2, regional cyber laws) and design the roadmaps to ensure Ebury remains ahead of the curve.

• GRC Automation: Lead the selection and full-scale implementation of automated GRC platforms to establish automation and robustness in GRC operations.
• Strategic Advisory: Act as a high-level consultant for new product launches and international expansions, ensuring 'Security by Design' is baked into strategic business moves.
• Cultural Leadership: Design and champion advanced security awareness programs that focus on shifting organizational behaviour through metrics-driven insights.

What you’ll need

• 5+ years of experience in Information Security, GRC, or Risk Management roles
• Strong knowledge of information security standards and regulations (ISO 27001, SOC 2, GDPR, FCA/DORA, NIST, etc.).
• Analytical skills: Ability to assess a 'Security Exception', experience with regulatory audits and working with financial regulators.
• Hands-on experience implementing risk management processes, control frameworks, and security metrics.
• Familiarity with GRC or risk platforms (e.g. OneTrust).
• Team player with exceptional communication and stakeholder management skills.
• Industry certifications such as CISSP, CRISC, CISA, or ISO 27001. Lead Implementer/Auditor are preferred.

Why Ebury?

• Competitive Starting Salary with an annual discretionary bonus that truly rewards your performance from day one.
• Dedicated Mentorship: Learn directly from experienced managers who are invested in your success.
• Cutting-Edge Technology: Leverage state-of-the-art tailor-made tools and systems that enable you to perform at your best.
• Clear, Accelerated Career Progression: Defined pathways to leadership and specialist roles within Ebury.
• Dynamic & Supportive Culture: Work in a collaborative environment where teamwork and personal growth are prioritized.
• Generous Benefits Package: Access competitive benefits tailored to your location, which typically include health care and social benefits.
• Central Madrid Office: A fantastic location with excellent transport links.

Ready to launch your career with a global FinTech? Click the ‘Apply’ Today and discover your potential at Ebury!

About us Ebury delivers sophisticated, integrated solutions — business accounts, hedging, and financing — on a single platform with a seamless workflow. Our success is built on a simple premise and singular purpose: To help businesses operate and scale globally. Since its founding in 2009, Ebury has always been a fast-growing leader in fintech. Today, we bring together 1,800+ Eburians across nearly 70 cities and we’re always looking to add to our team. At the heart of our offering is a proprietary platform, purpose-built to help businesses seamlessly streamline and manage global cash flow. We focus on continuous product evolution and innovation to build the infrastructure for borderless growth and help our clients scale at every stage. The opportunities at Ebury are as diverse as our people, ranging from business development to engineering roles across our tech pillars. We believe in inclusion. We stand against discrimination in all forms and are against the intolerance of differences that makes us a modern and successful organisation. At Ebury, you can be whoever you want to be and still feel a sense of belonging no matter your story.