Hybrid Information Security Manager bei Navro

Location: London, UK (Hybrid: 2 days per week in the office)
Company: Navro – Pioneering the Future of Payments

Architecting Trust: Information Security Manager

This isn’t just another Information Security role. No legacy systems. No corporate red tape. No coasting. This is about building something from the ground up. Fast.

We’re Navro, a rapidly scaling B2B payments startup, and we’re looking for a bold, proactive, and hands-on Information Security Manager to help safeguard our platform and operations. This is your chance to shape our security posture, instill a security first-mindset, ensure compliance with international standards, and make decisions that impact the entire business.

You won’t have layers of approval slowing you down. You will have the freedom to make real, impactful decisions from day one. This isn’t a passenger role. We’re bringing you in for your expertise and your relentless drive. You will be responsible for understanding our information assets, identifying emerging threats, and implementing robust security measures that protect Navro and our clients.

Who We Are 

We are transforming payments for global platforms and e-commerce businesses. As the world’s first payments curation platform, we simplify cross-border transactions by uniting best-in-class infrastructure into a seamless ecosystem, enabling businesses to scale and operate effortlessly across borders. Cross-border workforce payments are slow, expensive, and outdated. We can’t be. Businesses rely on us to pay their people accurately and on time - contractors, freelancers, and employees across the globe. When we say we’ll deliver, failure isn’t an option. If we don’t do what we said we would, people don’t get paid - not just a transaction delayed, but real workers left without wages. That means a developer in Argentina missing their paycheck, a freelancer in the Philippines unable to pay rent, or a contractor in Poland unable to get to work. No excuses. No passengers. No tolerance for politics or mediocrity.

Requirements

What This Role Demands:

⚡ You Own It – You’re responsible and proactive, you take the lead and make things happen.

⚡ You Ask Questions – You don’t just gather requirements; you challenge assumptions, to make us better. Why this control, why not another way?

⚡You Fix What’s Broken – No waiting for permission. If it’s clunky or output is inconsistent, you dive in, solve, and fix it.

⚡You’re Hands-On – One hour you’re leading on an external audit, the next assessing a critical vendor’s security posture, the next you’re deep in the vulnerability rating details with DevOps.

⚡You Thrive in Chaos – Startups are messy. Deadlines change, priorities shift, and ambiguity is constant. You bring clarity to define workable security policies and procedures.

⚡You Handle the Pressure – Fast-paced. High stakes. You balance multiple projects, manage tight timelines, and keep moving forward.

⚡You’re Here for the Journey – This is career-defining. It’s hard, rewarding, and not for the faint-hearted. If you’re ready to grow alongside Navro, let’s build something amazing together.

What You’ll Be Doing:

• Day-to-day responsibility for security GRC, help build version 2.0 of Navro’s Information Security Management System. Ensure compliance to international standards and regional regulatory requirements.
• Own security GRC automation tooling (Vanta) and work across the business to maintain security compliance posture.
• Successfully lead internal and external security audits - ISO 27001 / SOC2 Type II / PCI-DSS.
• Champion a company-wide culture of security awareness and operational resilience by playing a key role in defining, maintaining, and managing security incident response and threat intelligence procedures.
• Lead, curate, and report on Navro’s on-going and persistent security awareness programme including frequent phishing testing campaigns, secure development, etc.
• Work with IT, SRE, and other key stakeholders on implementing and maintaining security policies and standards including disaster recovery and business continuity testing.
• Work with Sales and Operations on business critical procedures for onboarding/offboarding clients and vendors. Act as primary contact for security due diligence and assessments.
• Project manage initiatives with product and engineering teams to embed “security by design” into products, services, and processes.
• Help make Navro’s security posture a value proposition - develop a Trust Centre to easily present and provide security information. Work with Marketing to position excellent posture, certifications, and regulatory compliance as a product differentiator.

What We’re Looking For:

⚡ GRC Experience – You’re the go-to person for security governance, risk, and compliance. With a degree in a computer or security discipline and numerous years’ GRC experience under your belt.

⚡ Start-up – Preferably have worked in a start-up or scale-up environment before where ambiguity and chaos do not faze you.

⚡ Tool Ninja – You’re familiar with various tools and systems and have hands-on experience with market leading security tools including Vanta, KnowBe4, Google Workspace, Microsoft Entra, and Wiz.

⚡ Detail-Obsessed – You don’t miss a thing. Your attention to detail and decision-making capabilities are top-notch. You’re able to horizon scan and research effectively to find the missing details.

⚡ ISO 27001 et al – You have built and maintained an ISO 27001 certified ISMS before and led other important security audit assessments (SOC2, PCI, etc.). You may have also gained ISO 27001 Lead Auditor or alike certifications (a plus).

⚡ Collaborator Extraordinaire – Strong communications skills with the ability to explain technical and security concepts, risks, controls in business terms.

⚡ Regulation Machine – You have knowledge of payments and various related regulatory environments including FCA, EMI, DORA, PSD2 (a plus).

You may not possess every single required skill listed, and that's perfectly fine. If you have most of them, along with grit, passion, a desire to learn quickly, and the willingness to get stuck in, we encourage you to apply.

Why Navro?

• Lead and Shape the Future: This is your chance to build and grow a market from zero to one.
• Make Real Impact: Your decisions will directly shape Navro’s growth journey.
• Innovative Environment: Be at the forefront of Fintech innovation and payments disruption.
• Career-Defining Role: This isn’t just another job. It’s a legacy.

Ready to Build Something Big?

This is your chance to leave your mark. If you’re ready to lead, build, and grow with the intensity that only startups offer, we want to hear from you.

Apply now and be part of Navro’s journey to revolutionise payments with us.

Benefits

As part of this role you will receive the following:

• You will enjoy 26 days of annual leave (excluding Bank holidays)
• Volunteering & Compassionate leaves
• Maternity and Paternity leaves
• Private Healthcare 
• Company Options Scheme
• Team socials 
• Comprehensive, interactive & engaging Training - Leadership, Communication and Presentation Skills, Behavioural Profiling, Conflict Management, etc
• Career frameworks
• Flexibility surrounding other commitments; within your team we will work around child-care or other appointments you have. We just ask for advance notice!
• For those London Based 2-3 days per week in office 
• Working in a diverse and inclusive environment where we ensure that our people thrive

Navro does not accept unsolicited resumes from search firms/recruiters. Navro will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s).  Search firms/recruiters submitting resumes on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary.