Information Security Compliance Manager
Berlin
The Company
Payrails is an innovative technology company with a team that has many years of experience in the payment industry and a real-life understanding of the merchants’ needs. We have seen the complexity firsthand and we have learned from all the challenges we've faced. Now we want to help leading technology companies around the world accept payments and build financial services with minimal upfront investments.
Our vision at Payrails is to reimagine payments. We do this by removing heavy reliance on Engineering efforts using composable building blocks that put the control firmly in the hands of our customers. We exist to help our customers become more productive and flexible, impacting directly on their ability to grow.
We are joined in our mission by top-tier investors Andreessen Horowitz, HV Capital, EQT, and General Catalyst, alongside a great cast of knowledgeable angel investors to enable us to solve the growing complexity of payments.
At Payrails, we are committed to building a team full of the most talented people. Excellence is part of our values and we understand that in order to achieve this, we need to build an environment where skilled people can work openly, collaboratively, and with the utmost trust in one another. We believe people thrive the most when they are fully aware of what the business is trying to achieve, why it is important to the market, and what challenges lie in the way to reaching our goals. In such an environment we believe people can truly excel, grow and enjoy working together. We try hard to be a company where everyone is inspired and feels a sense of responsibility to do the right thing to help us bring our vision to life.
Succeeding with us is about finding solutions to the most pressing problems and executing them effectively.
Your Team
Payrails is a true tech company: our Product is designed by engineers for engineers. Compliance at Payrails is no different: we embed regulatory excellence into our technology to create a seamless, scalable, and resilient payment experience.
Our mission is to ensure compliance without compromising innovation. We automate, streamline, and integrate compliance processes to support a high-growth, global business.
Our Compliance culture is built on three main pillars:
Operational Excellence: We build scalable compliance frameworks that adapt to global regulations.
Open Communication & Quick Feedback: We collaborate closely with engineers, product teams, and regulators to drive efficient decision-making.
Continuous Learning & Knowledge Sharing: We stay ahead of regulatory changes, leveraging technology to enhance compliance capabilities.
As part of our Tech & Compliance team, you'll work alongside ambitious engineers and compliance experts to solve complex regulatory challenges on a global scale.
What You will be doing
You will develop and manage the organization's information security compliance program, ensuring alignment with regulatory requirements (e.g. GDPR, PCI DSS, ISO 27001, SOC 2).
You will coordinate internal and external audits and assessments, ensuring readiness and response to compliance requirements, and develop action plans to address findings and recommendations.
You will create, update, and maintain security policies, standards, and procedures in accordance with industry best practices and regulatory requirements.
You will stay informed about emerging regulations, industry trends, and security standards, adapting the compliance program as necessary.
You will serve as the subject matter expert on compliance topics and provide guidance and support to internal stakeholders.
You will collaborate with the security operations team to develop and improve incident response procedures.
You will ensure that third-party service providers meet the organization's security compliance requirements by conducting vendor assessments and reviews.
You will track and report on compliance metrics, risks, and issues to senior management and relevant stakeholders.
You'll be great for this role if
You have a Bachelor’s degree in Information Security, Information Technology, Computer Science, Business, or a related field (or equivalent experience).
You have 5+ years of experience in information security, IT audit, risk management, or compliance roles.
You have hands-on experience managing compliance programs and frameworks such as PCI DSS, ISO 27001, SOC 2, GDPR, etc.
Preferred certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or equivalent.
You have a strong ability to assess complex compliance risks and recommend solutions.
You have strong verbal and written communication skills, with the ability to influence and educate a range of stakeholders.
You have experience leading projects, managing timelines, and meeting compliance deadlines.
You have a high level of accuracy and a thorough approach to managing compliance requirements.
You have a strong understanding of security controls, threat management, and incident response.
Why You should join Payrails
You can truly create your own path by taking responsibility and implementing your own ideas
We offer visa and relocation support to you and your family where required
We offer a hybrid working environment
You have 27 annual vacation days + 1 day of paid birthday leave for you to have fun and party without any worries!
You will have the opportunity to travel abroad
We get together regularly for team lunches and events
You help us shape the future of payments
At Payrails, we prioritize a culture of inclusivity and diversity, evaluating candidates solely based on their skills and potential, regardless of age, gender, identity, ethnicity, sexual orientation, disability status, or religion. We welcome applications from individuals of all backgrounds and identities. In line with our commitment to fairness, we kindly request applicants to refrain from including personal details such as a picture, age, or marital status in their CVs.
Tags: Audits CISA CISM CISSP Compliance Computer Science GDPR Incident response ISO 27001 PCI DSS Risk management SOC SOC 2
Perks/benefits: Career development Flex hours Flex vacation Relocation support Startup environment Team events