Light is seeking an InfoSec & Cybersecurity Lead to define the strategy, architecture, and governance of security across our platform, infrastructure, and internal systems. You will be a core voice in risk decisions and compliance, balancing strategic thinking with hands-on execution to secure our high-growth environment.
What You'll Do
- Develop the security strategy, maturity roadmap, and key metrics.
- Lead security compliance programs (SOC 2, ISO 27001, PCI DSS, GDPR) and audits using Vanta, and manage third-party and vendor risk.
- Review system designs, threat-model new features, secure integrations, and embed security into CI/CD pipelines.
- Establish and maintain incident response plans, run simulations, and lead real-world incident triage and remediation.
- Drive a security-first mindset through training, awareness, and role-based access controls.
- Evaluate and ensure the security of vendors, cloud infrastructure, access controls, and network segmentation.
What We're Looking For
- 5-7 years’ experience in information security or cybersecurity roles, preferably in fintech, SaaS, or payments.
- Proven experience owning security in a fast-moving, high-growth environment.
- Deep technical expertise: cloud (AWS, GCP, Azure), network and application security, identity & access, encryption, and threat modelling.
- Hands-on in vulnerability management, penetration test oversight, secure code review, and incident response.
- Familiarity with compliance on financial systems: SOC 2, ISO 27001, PCI, GDPR, etc.
- Excellent risk judgment and ability to balance security with business velocity.
- Strong communication skills — able to influence non-technical stakeholders and train engineers.
- Experience leading or scaling a small security team or managing security partnerships.
Nice to Have
- Prior experience in fintech, financial software, or payments.
- Certifications such as CISSP, CISM, OSCP, CRISC, or equivalent.
- Experience with specific regulatory standards (e.g. PCI, PSD2, ISO 27001).
- Experience in embedding DevSecOps practices and platform security.
Technical Stack
- AWS, GCP, Azure, Vanta
Benefits & Compensation
- Competitive salary + stock options in our fast-growing startup.
- Paid parental leave.
- 25 days of annual leave + public holidays (in your country).
- Regular socials and company off-sites.
- A huge opportunity to shape a market-defining product and engineering culture.
Light is an equal opportunity employer.
