Information Security Manager
London, England, United Kingdom - Remote
Ravelin
Fraud prevention and payment solutions that adapt to your challenges, risk appetite and goals – so you can combat the fraud of today and be ready for tomorrow.
Who are we?
Hi! 👋 We are Ravelin! We're a fraud detection company using advanced machine learning and network analysis technology to solve big problems. Our goal is to make online transactions safer and help our clients feel confident serving their customers.
And we have fun in the meantime! We are a friendly bunch and pride ourselves on having a strong culture and adhering to our values of resourcefulness, ambition, thoughtfulness and integrity. We really value work/life balance and we embrace a flat hierarchy structure company-wide. Join us and you’ll learn fast about cutting-edge tech and work with some of the brightest and nicest people around - check out our Glassdoor reviews.
If this sounds like your cup of tea, we would love to hear from you! For more information check out our blog to see if you would like to help us prevent crime and protect the world's biggest online businesses.
The Role
Our data is crucial to our success and of great importance to our clients, our partners and our team. This is why we are currently looking for someone to help evolve the security function. As the Information Security Manager in the team, you will be working with our Security engineers as well as other teams and stakeholders to drive improvements to our security program and ensure a pragmatic approach to security and risk.
Responsibilities
- Develop, implement, and maintain the organization's information security policies, standards, and procedures in alignment with business objectives, while considering operational needs.
- Direct the management and continuous improvement of the Information Security Management System (ISMS).
- Oversee and manage Ravelin’s PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified.
- Conduct routine risk assessments to determine and reduce information security risks across the business through the establishment of risk treatment plans.
- Serve as the primary liaison for security matters, both internally and externally.
- Collaborate with leadership and internal stakeholders to integrate security best practices into business processes.
- Ensure continuous adherence to all relevant legal, regulatory, and contractual security obligations.
- Remain current on the latest security threats, technologies, and best practices.
- Lead, manage, and evaluate the security roadmap to assure timely and effective resolution of priority issues.
- Maintain a robust cyber incident response plan, including coordinating necessary responses to incidents and security investigations.
Requirements
- Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS.
- Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments.
- Familiarity with information security frameworks (e.g., NIST, CIS).
- Proficiency in risk management methodologies.
- Knowledge of common security technologies (e.g., firewalls, EDR, SIEM, vulnerability scanners).
- Exceptional analytical, problem-solving, and decision-making abilities.
- Excellent communication (written and verbal), interpersonal, and presentation skills.
- Ability to operate autonomously and manage multiple priorities in a dynamic environment.
- Proven capacity to analyze and recommend pragmatic and practical solutions to intricate business and technical problems.
- Experience with cloud security
Nice to Haves
- Relevant certifications such as CISSP, CISM, or CISA are highly desirable.
- Specific experience with Google Cloud Platform security and best practices
- Familiarity with AI security and risk management
- A previous technical background would be advantageous
Benefits
- Flexible Working Hours & Remote-First Environment - Work when and where you’re most productive, with flexibility and support.
- Comprehensive BUPA Health Insurance - Stay covered with top-tier medical care for your peace of mind.
- £1,000 Annual Wellness and Learning Budget - Prioritise your health, well-being and learning needs with funds for fitness, mental health, and more.
- Monthly Wellbeing and Learning Day - Take every last Friday of the month off to recharge or learn something new, up to you.
- 25 Days Holiday + Bank Holidays + 1 Extra Cultural Day - Enjoy generous time off to rest, travel, or celebrate what matters to you.
- Mental Health Support via Spill - Access professional mental health services when you need them.
- Aviva Pension Scheme - Plan for the future with our pension program.
- Ravelin Gives Back - Join monthly charitable donations and volunteer opportunities to make a positive impact.
- Fortnightly Randomised Team Lunches - Connect with teammates from across the company over in-person or remote lunches every other week, on us!
- Cycle-to-Work Scheme - Save on commuting costs while staying active.
- BorrowMyDoggy Access - Love dogs? Spend time with a furry friend through this unique perk.
- Weekly Board Game Nights & Social Budget - Unwind with weekly board games or plan your own socials, supported by a company budget.
*Job offers may be withdrawn if candidates do not meet our pre-employment checks: unspent criminal convictions, employment verification, and right to work.*
Tags: CISA CISM CISSP Cloud Compliance EDR Firewalls GCP Incident response ISMS ISO 27001 Machine Learning NIST PCI DSS Risk assessment Risk management SIEM
Perks/benefits: Career development Flat hierarchy Flex hours Flex vacation Health care Lunch / meals Team events Travel