Information Security Manager - Financial Services Technology (Remote)

About the Role

We’re hiring an Information Security Manager to join our growing team in the financial services technology sector. This remote Information Security Manager position offers a unique opportunity to take ownership of security and compliance functions while shaping the next phase of our security maturity. You will not only maintain a program but also improve it, becoming the go-to person for security across the business.

What You'll Do

• Own and run the company’s SOC 2 program and broader security compliance initiatives.
• Develop and improve security policies, controls, and governance frameworks (SOC 2, ISO 27001, NIST).
• Manage and respond to security alerts, vulnerabilities, and incidents.
• Oversee cloud and infrastructure security across AWS and Kubernetes environments.
• Lead identity and access management, including access reviews and privileged access controls.
• Coordinate penetration testing, risk assessments, and remediation programs.
• Manage business continuity and disaster recovery planning and testing.
• Act as the main point of contact for client security questionnaires, audits, and security discussions.
• Conduct vendor security reviews and manage third-party risk.
• Report on security posture, risk, and ongoing improvements to leadership.
• Support security for AI/ML systems and data pipelines, including model security, data protection, and access controls.

Requirements

• 6+ years of experience in Information Security with strong hands-on technical experience.
• Experience running SOC 2 in a real production environment.
• Strong cloud security experience, particularly in AWS (GCP is a plus).
• Experience working with Kubernetes and modern cloud infrastructure.
• Familiarity with EDR/XDR tools such as CrowdStrike (or similar).
• Experience securing data, APIs, and AI/ML systems is a strong plus.
• Ability to communicate with both technical teams and non-technical stakeholders, including clients and auditors.
• Certifications such as CISSP, CISM, or Security+ are helpful but not essential.

Nice to Have

• Experience working in regulated environments such as financial services, fintech, or SaaS.

What We Offer

• Fully remote role with a high level of ownership and autonomy.
• Opportunity to work in a modern cloud-native environment, not legacy infrastructure.
• Direct exposure to clients and leadership.
• Ability to make measurable improvements and see the impact of your work.
• Work in a role where security is taken seriously and has real visibility.