Information on COVID-19 for our merchants. Read More.


Back to all jobs

Information Security Manager | GRC

Luxembourg · Legal & Compliance

Information Security Manager | GRC

As a GRC Security Manager, you’ll manage, plan, develop and implement a security governance, risk and compliance framework that meets external and internal stakeholder expectations and is aligned to best SumUp global security practice.

What you’ll do

  • Manage internal and external ISMS audit processes, audit plans, monitor the effectiveness of controls and corrective actions with the control owners and stakeholders.

  • Execute gap analysis and manage compliance readiness and monitoring activities for regulatory security audits.

  • Assist external security audits, assessments, and testing and remediation plans development and implementation.

  • Identify, assess and monitor security risks and recommend mitigation measures.

  • Manage security requirements with third parties.

  • Coordinate the development and maintenance of information security policies and related documents.

  • Partner with the Compliance team to ensure compliance with regulatory security requirements.

  • Manage/lead security projects.

  • Continually improve and update knowledge to accommodate changes to the company’s regulatory environment and needs.

You’ll be a great fit for this role if

  • You have 7+ years of relevant experience across security governance, risk and compliance in financial institutions.

  • You have experience in leading ISO 27001:2013 certification, audits and security risk assessments.

  • You have a Bachelor’s degree in Information Security, Information Assurance, Computer Science, Cybersecurity, Risk Management or equivalent work experience.

  • You have professional certification (CISSP/CISA/CRISC/CISM/ISO 27001 Lead Implementer/Auditor or similar)

  • You’re proactive, self-motivated and comfortable working  independently within a global security team

  • You’re confident interacting  professionally with a diverse group: executives, managers, and subject matter experts

  • You speak and write fluent English; Spanish and/or Portuguese would be considered a plus. 

Why you should join SumUp

  • You'll have the opportunity to make an impact as we work in flat hierarchies

  • You'll have the space to drive your career here and take ownership of projects

  • You’ll work as part of a diverse, international team

  • You’ll attend regular team events

About SumUp

We believe in the everyday hero. Those who have the courage to follow their passion and who have the strength and determination to realize their dreams. 

Small business owners are at the heart of all we do, so we're creating powerful, easy-to-use financial solutions to help them run their business. With a founder’s mentality and a team-first attitude our diverse teams across Europe, South America, and the United States work together to ensure that small business owners can be successful doing what they love.

SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring or employment decisions on the basis of race, colour, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.

SumUp will not accept unsolicited resumes from any source other than directly from a candidate.