Head of Security

EXUS is an enterprise software company, founded in 1989 with the vision to simplify risk management software. EXUS launched its Financial Suite (EFS) in 2003 with the aim to support financial entities worldwide to improve their results. Today, our EXUS Financial Suite (EFS) is trusted by risk professionals in more than 50 countries worldwide (MENA, EU, SEA). Two of our clients in SEA are major banks in the Philippines. We introduce simplicity and intelligence in their business processes through technology, improving their collections performance. Our people constitute the source of inspiration that drives us forward and help us fulfill our purpose of being role models for a better world. This is your chance to be part of a highly motivated, diverse, and multidisciplinary team, which embraces breakthrough thinking and technology to create software that serves people. We offer a creative, fun, and above all, inspiring working environment that fosters team spirit and promotes the greater good. We are positive and eager to learn and explore. We are committed to our vision. Our shared Values We are transparent and direct We are positive and fun, never cynical or sarcastic We are eager to learn and explore We put the greater good first We are frugal and we do not waste resources We are fanatically disciplined, we deliver on our promises We are EXUS Are you? Position: Head of Security EXUS is looking for a Head of Security to join us remotely at a company that is revolutionizing the way credit risk is managed. Reporting This role reports directly to the CTO and requires a strong focus on DevSecOps practices. Main Duties Lead Cloud Security Strategy for Managed Services Lead a security team supporting cloud services, including DevSecOps engineers and cloud security architects Collaborate with cloud operations, DevOps, compliance, and client success teams to ensure secure delivery of managed services Secure cloud and on-premises infrastructure, containerized workloads, and Kubernetes clusters Implement and monitor compliance with industry security benchmarks (e.g. CIS, NIST) Automate auditing and evidence collection for compliance certifications such as PCI-DSS and ISO 27001 Implement a shift-left security strategy by integrating security controls and scanning tools into CI/CD pipelines (e.g. SAST, DAST, container image scanning) Design and implement threat detection, prevention, and response mechanisms (e.g. IDS, runtime security) Collaborate closely with the IT team to secure and automate internal systems, endpoints, and services Establish and enforce Kubernetes security policies (e.g. RBAC, network policies, Pod Security Standards) Provide security guidance to development teams and help enforce secure coding and deployment practices Requirements BSc degree in Computer Science, Cybersecurity, or a related field (MSc degree is a plus) 8+ years of experience in DevOps, Security Engineering, or DevSecOps Deep expertise in Cloud security (AWS, Azure, or GCP) Infrastructure as Code (e.g. Terraform, Ansible) and related security tooling (e.g. trivy, Checkov) CI/CD security practices and tools Identity and access management (IAM) Proficiency with scripting (e.g. Python, Bash) for automation tasks Strong experience with Compliance frameworks (PCI-DSS, ISO 27001) Security monitoring, alerting, and SIEM tools Preferred Skills Certifications such as CISSP, GCPN, or CKS Experience with Zero Trust architecture and endpoint security Knowledge of container security platforms and tools (e.g. Aqua, Prisma Cloud, Sysdig, Falco) Experience participating in or leading incident response efforts General Skills Excellent knowledge of English language (both verbal & written) Strong problem‑solving skills and analytical thinking Team player, self‑motivated, constantly seeking new knowledge Fulfilled military obligations Benefits Fully remote work setup Competitive salary Inclusive work environment & Well‑being Program A clear induction program & a mentoring buddy to help you Private health insurance allowance Unlimited time off Privacy Notice for Job Applications: https://www.exus.co.uk/en/careers/privacy-notice-for-job-applications/ #J-18808-Ljbffr