About Revolut

People deserve more from their money. More visibility, more control, and more freedom. Since 2015, Revolut has been on a mission to deliver just that. Our powerhouse of products - including spending, saving, investing, exchanging, travelling, and more - help our 70+ million customers get more from their money every day.

As we continue our lightning-fast growth,‌ 2 things are essential to our success: our people and our culture. In recognition of our outstanding employee experience, we've been certified as a Great Place to Work™. So far, we have 13,000+ people working around the world, from our offices and remotely, to help us achieve our mission. And we're looking for more brilliant people. People who love building great products, redefining success, and turning the complexity of a chaotic world into the simplicity of a beautiful solution.

About the role

Our Information Security team protects Revolut's systems, data, and people. They combine technical expertise with a proactive, risk-based mindset to stay ahead of threats and keep our technology and customers secure at every step.

We're looking for a highly technical Information Security Manager to uphold top-tier 2nd line of defence practices for our IT and information security operations.

Up to shape what's next in finance? Let's get in touch.

What you'll be doing

• Conducting regular ICT security risk assessments and control evaluations, including cybersecurity risks for custodian and self-custody wallets, and responses to wallet attacks
• Reviewing new crypto initiatives, and monitoring crypto service providers
• Monitoring and challenging group-level security controls (AppSec, InfoSec, testing, incident response) to ensure local regulatory compliance
• Overseeing third-party security, outsourcing chains, and crypto service providers
• Reviewing penetration testing, vulnerability scans, and resilience frameworks (BCP, DR, failover)
• Assessing, classifying, and resolving security incidents and threats, including regulatory reporting obligations
• Coordinating audits, inspections, and assurance activities with group and external stakeholders
• Ensuring the adoption of group InfoSec policies locally, while promoting a culture of security throughout the business
• Contributing to digital operational resilience testing (e.g., DORA-aligned exercises) with tech leadership
• Providing regular reporting on security resilience to management and regulators

What you'll need

• Expertise in InfoSec and IT operations within a senior or lead role, particularly within the 2LoD
• Experience with crypto asset service providers or financial institutions handling digital assets
• Advanced proficiency in technical security disciplines and information security requirements tailored to crypto environments
• Experience managing intra-group outsourcing of InfoSec and IT services in regulated settings
• A track record of delivering localised group IT/InfoSec policies and procedures to comply with regulatory standards, including DORA, MICA, and PSD2
• An in-depth understanding of compliance requirements for crypto-asset services and the broader financial sector
• Knowledge of relevant compliance and regulatory frameworks, with a focus on digital operational resilience and crypto-specific regulations
• Relevant information security certifications (CISSP and/or CISM)