NOVACARD
Information Security Lead
engineeringfulltime-permanentRemote job
SALARY
Not listed
WORK TYPE
remote
JOB TYPE
fulltime-permanent
INDUSTRY
fintech
✦ AutoApply Let us apply to roles like this on your behalf.
Learn more
About the role
Key Responsibilities
- Work closely with Engineering, Product and DevOps teams to ensure security is embedded into products, platforms, and operational processes from early design stages through delivery and release cycles.
- Participate in product discovery, architecture discussions, sprint planning, change management, and release processes to ensure security requirements are addressed early and do not become delivery blockers.
- Collaborate with Compliance and Legal teams to align local regulatory requirements with product and engineering roadmaps.
- Implement and maintain controls required by CNBV, PCI DSS, and other applicable local regulatory obligations, ensuring continuous compliance.
- Implement central information security policies and develop country-specific procedures and controls in coordination with local compliance stakeholders.
- Integrate secure development practices into the SDLC, including architecture reviews, threat modeling, vulnerability management, and security checkpoints within delivery pipelines.
- Improve security monitoring capabilities and SOC coverage for the local IT environment, including configuring monitoring rules and defining incident escalation procedures.
- Lead incident response activities, coordinate investigations with engineering and product teams, conduct root cause analysis, and organize post-incident awareness sessions.
- Manage and operate local Data Loss Prevention (DLP) solutions and related processes.
- Develop, maintain, and test Disaster Recovery Plans (DRP), including organizing annual recovery exercises.
- Establish and operate vulnerability management processes, including regular scanning, prioritization of findings, and tracking remediation efforts.
- Define and deliver regular security reporting and metrics to local business leadership and the central CISO organization.
- Organize and coordinate annual assessments of the cybersecurity management system and support remediation planning.
✦ Let us apply for you
We find roles like this and apply on your behalf. Cover letter written for each one. Plans from $15/mo. Cancel anytime.
Get AutoApply