Head of Security (Fully Remote)

Metro Manila, Philippines - Remote

⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️

Full Time Senior-level / Expert USD 65K - 121K * ^est.

EXUS

EXUS specialises in Debt Collection and Loan recovery management software solutions. Streamline and optimise the debt collection process.

View all jobs at EXUS

Apply now Apply later

Posted 3 weeks ago

EXUS is an enterprise software company, founded in 1989 with the vision to simplify risk management software. EXUS launched it's Financial Suite (EFS) in 2003 with the aim to support financial entities worldwide to improve their results. Today, our EXUS Financial Suite (EFS) is trusted by risk professionals in more than 50 countries worldwide (MENA, EU, SEA). Two of our clients in SEA are major banks in the Philippines. We introduce simplicity and intelligence in their business processes through technology, improving their collections performance.

Our people constitute the source of inspiration that drives us forward and help us fulfill our purpose of being role models for a better world.

This is your chance to be part of a highly motivated, diverse, and multidisciplinary team, which embraces breakthrough thinking and technology to create software that serves people. We offer a creative, fun, and above all, inspiring working environment that fosters team spirit and promotes the greater good. We are positive and eager to learn and explore. We are committed to our vision.

Our shared Values:

We are transparent and direct

We are positive and fun, never cynical or sarcastic

We are eager to learn and explore

We put the greater good first

We are frugal and we do not waste resources

We are fanatically disciplined, we deliver on our promises

We are EXUS! Are you?

EXUS is looking for a Head of Security to join us remotely at a company that is revolutionizing the way credit risk is managed.
This role reports directly to the CTO and requires a strong focus on DevSecOps practices. More specifically:

Requirements

Main duties:

Lead Cloud Security Strategy for Managed Services
Lead a security team supporting cloud services, including DevSecOps engineers and cloud security architects.
Collaborate with cloud operations, DevOps, compliance, and client success teams to ensure secure delivery of managed services.
Secure cloud and on-premises infrastructure, containerized workloads, and Kubernetes clusters
Implement and monitor compliance with industry security benchmarks (e.g. CIS, NIST)
Automate auditing and evidence collection for compliance certifications such as PCI-DSS and ISO 27001
Implement a shift-left security strategy by integrating security controls and scanning tools into CI/CD pipelines (e.g. SAST, DAST, container image scanning)
Design and implement threat detection, prevention, and response mechanisms (e.g. IDS, runtime security)
Collaborate closely with the IT team to secure and automate internal systems, endpoints, and services
Establish and enforce Kubernetes security policies (e.g. RBAC, network policies, Pod Security Standards)
Provide security guidance to development teams and help enforce secure coding and deployment practices

Requirements:

BSc degree in Computer Science, Cybersecurity, or a related field (MSc degree is a plus)
8+ years of experience in DevOps, Security Engineering, or DevSecOps
Deep expertise in:

Cloud security (AWS, Azure, or GCP)
Infrastructure as Code (e.g. Terraform, Ansible) and related security tooling (e.g. trivy, Checkov)
CI/CD security practices and tools
Identity and access management (IAM)

Proficiency with scripting (e.g. Python, Bash) for automation tasks
Strong experience with:

Compliance frameworks (PCI-DSS, ISO 27001)
Security monitoring, alerting, and SIEM tools

Preferred Skills:

Certifications such as CISSP, GCPN, or CKS
Experience with Zero Trust architecture and endpoint security
Knowledge of container security platforms and tools (e.g. Aqua, Prisma Cloud, Sysdig, Falco)
Experience participating in or leading incident response efforts

General skills: