About Navro
Navro is a fast-scaling fintech start-up transforming how businesses manage cross-border payments. As the world’s first payments curation platform, Navro simplifies global transactions by uniting best-in-class infrastructure into a seamless ecosystem. Their mission is to make workforce payments faster, smarter, and more reliable, ensuring businesses can pay contractors, freelancers, and employees around the world on time—every time.
Role Overview
Navro is seeking an Information Security Manager to build and lead the company’s security function from the ground up. This is a hands-on, career-defining role with the freedom to make impactful decisions from day one. Working in a fast-paced scale-up environment, the Information Security Manager will shape Navro’s security posture, embed a culture of security-first thinking, and ensure compliance with international standards.
This position is ideal for a proactive, detail-oriented professional who thrives in dynamic environments and wants to play a key role in protecting the trust and resilience of a pioneering fintech company.
Key Responsibilities as Information Security Manager
- Build and maintain Navro’s Information Security Management System (ISMS) to align with ISO 27001 and other global standards.
- Oversee security governance, risk, and compliance (GRC), including automation tools such as Vanta.
- Lead and manage internal and external audits (ISO 27001, SOC2, PCI-DSS).
- Develop and manage security policies, standards, and incident response procedures.
- Deliver ongoing company-wide security awareness initiatives including phishing simulations and training.
- Partner with engineering and product teams to embed “security by design” into products and services.
- Collaborate with IT and SRE teams on business continuity and disaster recovery planning.
- Act as the main contact for client and vendor security assessments.
- Establish Navro’s Trust Centre, positioning security and compliance as a competitive advantage.
Skills & Experience Required
- Strong background in information security governance, risk, and compliance (GRC).
- Experience building and maintaining an ISO 27001 certified ISMS, with exposure to SOC2 and PCI-DSS.
- Hands-on experience with leading security tools (e.g., Vanta, KnowBe4, Google Workspace, Microsoft Entra, Wiz).
- Excellent communication skills with the ability to translate technical risks into business terms.
- Proven ability to thrive in fast-paced, high-growth environments.
- Knowledge of fintech and payments-related regulatory environments (FCA, EMI, PSD2, DORA) is highly desirable.
- ISO 27001 Lead Auditor certification or equivalent is a plus.
Shift Pattern & Location
- Hybrid working: London-based, 2 days per week in the office.
Perks & Benefits
- 26 days of annual leave plus bank holidays.
- Volunteering and compassionate leave.
- Enhanced maternity and paternity leave.
- Private healthcare.
- Company share option scheme.
- Regular team socials and an inclusive, diverse workplace.
- Comprehensive training programmes, including leadership and communication skills.
- Flexible working to support personal commitments.
View More Jobs at: UK JOB NOW
