Senior Information Security Manager
Ebury Madrid Office - Hybrid: 4 days in the office, 1 day working from home per week
This is an opportunity to be a strategic part of an experienced infosec team at a high-growth fintech scale-up.
Governance & Compliance (BAU)
* Risk Management Lifecycle: Own the risk assessment process – lead quantification and communication of risk to business stakeholders.
* Audit Ownership: Lead and manage external audits, oversee remediation of findings, ensuring continuous compliance across multiple jurisdictions.
* TPRM Leadership: Mature our Third‑Party Risk Management program, define vendor security standards and ensure partners meet risk appetite.
* Regulatory Horizon Scanning: Monitor evolving fintech regulatory landscape and design roadmaps to keep Ebury ahead of the curve.
GRC Strategy & Architecture
Design, implement and mature the global GRC framework, collaborating with other teams to align it with ISO 27001, NIST, GDPR, and DORA.
Strategic Projects & Process Maturation
* GRC Automation: Lead selection and implementation of automated GRC platforms to enhance operational robustness.
* Strategic Advisory: Act as a high‑level consultant for new product launches and international expansions, ensuring “Security by Design” is baked into strategic moves.
* Cultural Leadership: Design and champion advanced security awareness programs that shift organizational behavior through metrics‑driven insights.
What you’ll need
* 5+ years of experience in Information Security, GRC or Risk Management roles.
* Strong knowledge of information security standards and regulations (ISO 27001, SOC 2, GDPR, FCA/DORA, NIST, etc.).
* Analytical skills: ability to assess a security exception, experience with regulatory audits and working with financial regulators.
* Hands‑on experience implementing risk management processes, control frameworks, and security metrics; familiarity with GRC or risk platforms (e.g. OneTrust).
* Team player with exceptional communication and stakeholder management skills.
* Industry certifications such as CISSP, CRISC, CISA, or ISO 27001. Lead Implementer/Auditor are preferred.
Why Ebury?
* Competitive Starting Salary with an annual discretionary bonus that rewards performance from day one.
* Dedicated Mentorship: Learn directly from experienced managers invested in your success.
* Cutting‑Edge Technology: Leverage state‑of‑the‑art tools and systems.
* Clear, Accelerated Career Progression: Defined pathways to leadership and specialist roles.
* Dynamic & Supportive Culture: Collaborative environment prioritizing teamwork and growth.
* Generous Benefits Package: Health care and social benefits tailored to location.
* Central Madrid Office: Fantastic location with excellent transport links.
Ebury is an equal opportunity employer. We believe in inclusion and stand against discrimination in all forms.
#J-18808-Ljbffr