HitPay
HitPay is a one-stop payment platform for SMEs, on a mission to empower businesses with easy access to digital payments. From no-code e-commerce plugins to affordable credit card readers, we help thousands of merchants bring their business dreams to life. HitPay is backed by Tiger Global, Global Founders Capital, Y Combinator, HOF Capital, and angel investors.
11 - 50 employees
Compliance and Security Program Manager
Job not on LinkedIn
October 1
HitPay
HitPay is a one-stop payment platform for SMEs, on a mission to empower businesses with easy access to digital payments. From no-code e-commerce plugins to affordable credit card readers, we help thousands of merchants bring their business dreams to life. HitPay is backed by Tiger Global, Global Founders Capital, Y Combinator, HOF Capital, and angel investors.
11 - 50 employees
📋 Description
• Lead PCI DSS, SOC 2, MAS PSA, and other regulatory compliance programs. • Coordinate audits with internal stakeholders and external auditors. • Maintain compliance calendar (pen tests, ASV scans, policy reviews, risk assessments). • Develop and improve internal policies, IT governance frameworks, and controls. • Partner with engineering to design and implement security features (encryption, access controls, logging). • Track security incidents, risk assessments, and vendor due diligence. • Support business continuity planning, disaster recovery, and incident response. • Drive cross-team initiatives ensuring security and compliance are embedded in product development. • Translate compliance requirements into actionable engineering and product tasks. • Act as the main point of contact for compliance and security questions from internal and external stakeholders.
🎯 Requirements
• Experience in compliance, IT governance, or security program management, ideally in fintech, payments, or regulated industries. • Strong understanding of security and compliance frameworks (PCI DSS, SOC 2, ISO 27001, MAS TRM, GDPR). • Ability to translate regulatory and compliance requirements into practical, technical implementations. • Strong project management skills – able to coordinate across multiple stakeholders. • Comfortable working with both auditors and engineers. • Bonus: Technical background (security engineering, IT, or product/engineering experience). • Required work authorisation to work from the job location.
Apply NowSimilar Jobs
September 18
Senior Information Security Engineer leading StateRAMP/FedRAMP compliance at Career TEAM. Designing secure AWS infrastructure, managing SSP/POA&M, and mentoring teams.
AWS
Cloud
Cyber Security
September 17
Lead GovRAMP/FedRAMP/TX-RAMP compliance and secure AWS cloud architecture for Career TEAM's Career EDGE platform, ensuring NIST 800-53 alignment and automation.
AWS
Cloud
Cyber Security
September 4
Support Bell Canada network/security implementations remotely; coordinate installations, troubleshoot routing/switching, and liaise with internal teams and customers.
Cyber Security
Switching
Go
May 30
itm8
1001 - 5000
Join itm8's Cyber Defence Center to handle security implementations and service requests.
Azure
Cloud
Cyber Security
Linux
TCP/IP
