Information Security Manager (Core)
Revolut
Information Security Manager (Core)
Remote: New ZealandAbout Revolut
People deserve more from their money. More visibility, more control, and more freedom. Since 2015, Revolut has been on a mission to deliver just that. Our powerhouse of products — including spending, saving, investing, exchanging, travelling, and more — help our 60+ million customers get more from their money every day.
As we continue our lightning-fast growth, 2 things are essential to our success: our people and our culture. In recognition of our outstanding employee experience, we've been certified as a Great Place to Work™. So far, we have 10,000+ people working around the world, from our offices and remotely, to help us achieve our mission. And we're looking for more brilliant people. People who love building great products, redefining success, and turning the complexity of a chaotic world into the simplicity of a beautiful solution.
About the role
Our Technology team isn’t just one of the best in the industry, it’s one of the best in the world. And we’re proud of it. It’s our driving force, our engine. From building a new banking backend to creating an award-winning app, there’s nothing (and we mean nothing) our tech team can’t do.
Our Technology team isn’t here to fix legacy systems — it’s here to build world-class financial products from the ground up. Products that'll be used by millions of people around the world (60+ million people, not that we’re counting)
We’re building one of the best Information Security teams to make Revolut the safest place to keep your money — and that’s where you come in. We need a highly experienced and detail-oriented Technology Risk Manager to support risk management across Technology and Product departments. Someone with solid knowledge about technical risk and an absolute love for security technologies.
Up for the challenge? Get in touch.
What you'll be doing
- Analysing risk profiles across Technology and Product teams
- Supporting teams in managing and reducing operational risk
- Designing, implementing, and testing risk controls
- Performing risk and control assessments and deep dives within various product and technology teams to come up with actionable insights
- Managing risks to prevent major incidents and breaches
- Reducing non-compliance exposure in technology domains
- Establishing and running risk committees and working groups to improve the risk posture of the organisation
- Delivering technology risk insights and reports for Board and Executive Committees
- Developing data-driven metrics such as KRIs and BCIs
- Regularly engaging with internal and external stakeholders on the group's IT risk posture
- Driving effective implementation and communication of operational risk management policies and guidelines.
- Providing IT risk management consulting to the business, technical & operations groups
- Identifying and assessing technology risks impacting projects
- Developing mitigation strategies to address those risks
What you'll need
- 4+ years in financial services, fintech, or technology service firms
- An Understanding of IT infrastructure (Cloud), software, hardware, tooling, data flows, and operations
- Awareness of how technology impacts security posture, policies, and operational resilience, including change control and BC/DR
- An understanding of the hierarchy of technology, operations, and security policies and standards
- Familiarity with policy compliance and oversight processes
- An understanding of the hierarchy of technology, operations, and security policies and standards
- Familiarity with policy compliance and oversight processes
- The ability to adapt messages based on the audience and expectations while interacting with 1LOD and other stakeholders
- An Understanding of ERM frameworks
- The ability to define risk appetite, assess impact, and identify risk likelihood
- Capability to measure risks against appetite using risk assessment frameworks and reporting categories
- Experience in the RCSA process, tools, and frameworks
- The ability to support 1LOD in executing control testing
- A STEM degree, preferably in Computer Science or IT
- Experience in performing IT Audits or working in 1LOD as a Technology Risk Manager in a financial services or technology firm
- Familiarity with industry and regulatory standards related to technology and security (SOX, SOC2, ISO, COBIT, ITIL)
Nice to have
- Familiarity with card products, investments, or FX operations in New Zealand
- Technology and change delivery experience at a leading/global consultancy firm
- Experience building and/or scaling up the technology function of a financial services institution or fintech
- Relevant industry-recognised certifications, such as Certified Change Management Professional (CCMP), Information Technology Infrastructure Library (ITIL), and/or Information Technology Service Management (ITSM)
- Proficiency in SQL and Python
Building a global financial super app isn’t enough. Our Revoluters are a priority, and that’s why in 2021 we launched our inaugural D&I Framework, designed to help us thrive and grow everyday. We're not just doing this because it's the right thing to do. We’re doing it because we know that seeking out diverse talent and creating an inclusive workplace is the way to create exceptional, innovative products and services for our customers. That’s why we encourage applications from people with diverse backgrounds and experiences to join this multicultural, hard-working team.
Important notice for candidates:
Job scams are on the rise. Please keep these guidelines in mind when applying for any open roles.
• Only apply through official Revolut channels. We don’t use any third-party services or platforms for our recruitment.
• Always double-check the emails you receive. Make sure all communications are being done through official Revolut emails, with an @revolut.com domain.
We won't ask for payment or personal financial information during the hiring process. If anyone does ask you for this, it’s a scam. Report it immediately.
By submitting this application, I confirm that all the information given by me in this application for employment and any additional documents attached hereto are true to the best of my knowledge and that I have not wilfully suppressed any material fact. I confirm I have disclosed if applicable any previous employment with Revolut. I accept that if any of the information given by me in this application is in any way false or incorrect, my application may be rejected, any offer of employment may be withdrawn or my employment with Revolut may be terminated summarily or I may be dismissed. By submitting this application, I agree that my personal data will be processed in accordance with Revolut's Candidate Privacy Notice