InfoSec GRC Manager

About Airwallex

Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 100,000 businesses worldwide – including Brex, Rippling, Navan, Qantas, SHEIN and many more – with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale.

Proudly founded in Melbourne, we have a team of over 1,500 of the brightest and most innovative people in tech located across more than 20 offices across the globe. Valued at US$5.6 billion and backed by world-leading investors including Sequoia, Lone Pine, Greenoaks, DST Global, Salesforce Ventures and Mastercard, Airwallex is leading the charge in building the global payments and financial platform of the future. If you're ready to do the most ambitious work of your career, join us.

About the Team

Our Governance, Risk and Compliance Team are a critical part of the ongoing growth and success of Airwallex Globally. This team proactively identify key information security risks to the organisation, as well as designing and delivering preventative mitigation strategies through the development and management of InfoSec policies and standards.

What you'll do

This is a dynamic and autonomous role and you will be a trusted member of our InfoSec team. Working with senior leadership, you will proactively design and implement GRC related projects, including developing and managing policies and standards related to the security of our networks, systems and applications.

Responsibilites include:

• Evaluate risks and co-develop security standards and policies to manage InfoSec risks

• Develop guidelines, checklists and other resources to help non-technical employees understand InfoSec requirements

• Co-develop and maintain reporting metrics, dashboards and evidence artefacts for internal reporting and risk

• Provide support to all stakeholders on internal and external audits, third party vendor and partner reviews, and regulator questionnaires

• Perform internal and external security risk and exceptions assessments, identifying gaps and risks

• Whilst they don't directly report to you, you will provide leadership and guidance to the more junior members of the team

Who you are

We’re looking for people who meet the minimum qualifications for this role. The preferred qualifications are great to have, but are not mandatory.

Minimum qualifications:

• 8+ years of experience in the same or a similar role, with 3+ years of that in a financial services, payments and/or fintech business

• A high level of InfoSec and technical experience, giving you strong familiarity with InfoSec concepts and best practices

• Deep knowledge of compliance, regulatory and control frameworks (PCI-DSS, ISO27001, SOC2 and similar)

• An understanding of cloud platform and app security

Preferred qualifications:

• CISSP, CISA, CISM

Equal opportunity

Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don’t regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know.

Airwallex does not accept unsolicited resumes from search firms/recruiters.  Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s).  Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary.