LemFi (YC S21) is building the neo-bank for the African diaspora in North America & Europe & the UK. We provide our users with a mulI-currency account that allows them to hold, send, and receive money from Africa in any currency for their business and personal banking needs.

Who you are:

You are a candidate who would thrive in a fintech startup environment like ours, where we readily accept individuals with a humble, yet uplifting attitude alongside a diligent sense of work ethic. The teams here at LemFi are passionate about their work and fields of expertise, but also lend hands on cross-functional responsibilities to ensure the success of the company and the satisfaction of our clientele.

Job Summary:

The role of the Cyber Security Manager is a fully remote position within LemFi’s Engineering team. We are looking for a suitable individual to lead our cyber security function. You will be responsible for analysing the company’s security and data protection posture and controls and overseeing the implementation of the information security management program. Previous experience in information security compliance in the regulated financial services sector is desirable.

The successful candidate will possess a strong background in Cyber Security landscape (emerging and current threats in marketplace), Information Security, incorporating a combination of governance, risk and compliance knowledge along with strong technical knowledge of IT operations, network, infrastructure and application security in a modern technology landscape.

In addition to leading and managing the team, this role is very much hands on, where the successful candidate will be actively involved in the day-to-day operations and oversight of the Information and Cyber security Team.

Responsibilities are as follows:

• Implement and monitor the information security management and risk management program.
• Work with the business units to raise awareness of risk management concerns and facilitate risk assessment and risk management processes.
• Interact with all departments and levels of the organisation to ensure the consistent application of policies and standards across all technology projects, systems, and services.
• Assist with the overall business technology planning, providing current knowledge and future vision of technology and systems.
• Assist the DPO in managing the data protection program.
• Drive the firm to achieve new IT security certifications such as SOC2, and maintain existing, such as PCI DSS.
• Support regulatory filings such as the REP018 and REP020, and monitor compliance with industry-specific IT mandates.

Requirements:

• Professional security management certification, e.g., CISSP, CISM, CRISC, or CCISO
• Knowledge of common information security management frameworks and standards, such as ISO/IEC 27001+27701, CEH, SOC2, COBIT, PCI-DSS and NIST.
• Good understanding of UK/EU privacy law.
• Excellent written and verbal communication skills and a high level of personal integrity.
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.

Desired general experience:

• Contract and vendor negotiations and management, including managed services.
• Project management, and ideally an associated qualification.
• Minimum of 12 years experience in a combination of information security, risk management, and IT project management, systems implementation, and administration roles.
• Preferred Location- UK, EEA.

Desired first-hand technical experience

• Software/Infrastructure/Platform as a Service solutions, ideally AWS.
• Network-level security, and Web Application Firewalls.
• Remote Monitoring and Management, Mobile Device Management and Security, Data Loss Prevention, email security, and Identity and Access Management solutions.