Head of Security (Fully Remote)
Metro Manila, Philippines - Remote
EXUS
EXUS specialises in Debt Collection and Loan recovery management software solutions. Streamline and optimise the debt collection process.EXUS is an enterprise software company, founded in 1989 with the vision to simplify risk management software. EXUS launched it's Financial Suite (EFS) in 2003 with the aim to support financial entities worldwide to improve their results. Today, our EXUS Financial Suite (EFS) is trusted by risk professionals in more than 50 countries worldwide (MENA, EU, SEA). Two of our clients in SEA are major banks in the Philippines. We introduce simplicity and intelligence in their business processes through technology, improving their collections performance.
Our people constitute the source of inspiration that drives us forward and help us fulfill our purpose of being role models for a better world.
This is your chance to be part of a highly motivated, diverse, and multidisciplinary team, which embraces breakthrough thinking and technology to create software that serves people. We offer a creative, fun, and above all, inspiring working environment that fosters team spirit and promotes the greater good. We are positive and eager to learn and explore. We are committed to our vision.
Our shared Values:
- We are transparent and direct
- We are positive and fun, never cynical or sarcastic
- We are eager to learn and explore
- We put the greater good first
- We are frugal and we do not waste resources
- We are fanatically disciplined, we deliver on our promises
We are EXUS! Are you?
EXUS is looking for a Head of Security to join us remotely at a company that is revolutionizing the way credit risk is managed.
This role reports directly to the CTO and requires a strong focus on DevSecOps practices. More specifically:
Requirements
Main duties:
- Lead Cloud Security Strategy for Managed Services
- Lead a security team supporting cloud services, including DevSecOps engineers and cloud security architects.
- Collaborate with cloud operations, DevOps, compliance, and client success teams to ensure secure delivery of managed services.
- Secure cloud and on-premises infrastructure, containerized workloads, and Kubernetes clusters
- Implement and monitor compliance with industry security benchmarks (e.g. CIS, NIST)
- Automate auditing and evidence collection for compliance certifications such as PCI-DSS and ISO 27001
- Implement a shift-left security strategy by integrating security controls and scanning tools into CI/CD pipelines (e.g. SAST, DAST, container image scanning)
- Design and implement threat detection, prevention, and response mechanisms (e.g. IDS, runtime security)
- Collaborate closely with the IT team to secure and automate internal systems, endpoints, and services
- Establish and enforce Kubernetes security policies (e.g. RBAC, network policies, Pod Security Standards)
- Provide security guidance to development teams and help enforce secure coding and deployment practices
Requirements:
- BSc degree in Computer Science, Cybersecurity, or a related field (MSc degree is a plus)
- 8+ years of experience in DevOps, Security Engineering, or DevSecOps
- Deep expertise in:
- Cloud security (AWS, Azure, or GCP)
- Infrastructure as Code (e.g. Terraform, Ansible) and related security tooling (e.g. trivy, Checkov)
- CI/CD security practices and tools
- Identity and access management (IAM)
- Proficiency with scripting (e.g. Python, Bash) for automation tasks
- Strong experience with:
- Compliance frameworks (PCI-DSS, ISO 27001)
- Security monitoring, alerting, and SIEM tools
Preferred Skills:
- Certifications such as CISSP, GCPN, or CKS
- Experience with Zero Trust architecture and endpoint security
- Knowledge of container security platforms and tools (e.g. Aqua, Prisma Cloud, Sysdig, Falco)
- Experience participating in or leading incident response efforts
General skills:
- Excellent knowledge of English language (both verbal & written)
- Strong problem-solving skills and analytical thinking
- Team player, self-motivated, constantly seeking new knowledge
- Fulfilled military obligations
Benefits
At EXUS we help our people to achieve excellent results by creating a work environment that encourages individual and team success.
- Fully remote work setup
- Competitive salary
- Inclusive work environment & Well-being Program
- A clear induction program & a mentoring buddy to help you
- Private health insurance allowance
- Unlimited time off
Privacy Notice for Job Applications: https://www.exus.co.uk/en/careers/privacy-notice-for-job-applications/
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible Audits Automation AWS Azure Bash CI/CD CISSP Cloud Compliance Computer Science DAST DevOps DevSecOps Endpoint security GCP IAM IDS Incident response ISO 27001 Kubernetes Monitoring NIST Privacy Python Risk management SAST Scripting Security strategy SIEM Strategy Terraform Threat detection Zero Trust
Perks/benefits: Competitive pay Health care Unlimited paid time off
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.