
Information Security Manager at CCBill

Location Information: Remote

CCBill is an online payment services provider used by more than 30,000 websites globally that supports the needs of both new and established businesses in the ecommerce and online space. Typical projects on the CCBill side include integration with new processors, improving reporting, and enhancement of systems that can handle high volume transactions with high availability over 3 satellites in Phoenix, Ashburn and the Netherlands. You will have the opportunity to work on both existing and new products and features.

The Information Security Manager will work as a primary operational lead for all I.T. security activities. The Information Security Manager plays a critical role in establishing, maintaining, and continuously improving the organization's information security posture, risk management, and compliance program. This role serves as the strategic and operational lead for enterprise security policies, risk assessments, regulatory compliance efforts, and third-party risk management.

The ideal candidate will possess deep expertise in security governance frameworks (e.g., NIST, ISO 27001), experience leading risk assessments, and the ability to translate complex security risks into actionable recommendations for business and technical stakeholders. This position collaborates closely with teams across IT, Legal, Compliance, and Business Units to support secure business operations while maintaining compliance with regulatory and contractual obligations. They should have a broad and deep understanding of current information security trends, including data protection, risk and compliance, threat identification and mitigation strategies, security control frameworks, and enterprise IT security practices.

Location: US/Malta/Serbia/Remote (+/-3 hours CET)

Working hours: 40h/week, Monday-Friday with flexible time schedule, depending on the location.

Key Job Requirements:

- Contribute to and support the implementation of a risk-based information security strategy in collaboration with stakeholders, balancing business enablement with regulatory and security requirements under the guidance of executive leadership.
- Support the development, maintenance, and implementation of security policies, standards, and procedures aligned with regulatory, contractual, and business requirements.
- Lead the organization’s enterprise risk management efforts, including risk identification, evaluation, and mitigation.
- Coordinate and support internal and external audits, assessments, and regulatory reviews (e.g., PCI, HIPAA, GDPR, FedRAMP).
- Advise business and IT teams on security requirements, control design, and risk mitigation strategies.
- Manage third-party/vendor risk assessments and provide recommendations on security posture and residual risk.
- Prepare and deliver reports and presentations on security risk posture, compliance status, and metrics to executive leadership.
- Drive a culture of security awareness across the organization through education and targeted communication.
- Support the Information Security leadership in security strategy development and roadmap planning.
- Support and mentor team members by providing regular feedback, coaching, and career development opportunities.
- Assess current security posture and collaboratively identify opportunities for simplification, automation, or team scaling.
- Evaluate the impact of emerging technologies on the organization's security strategy and regulatory obligations.

Key Skills and Qualifications:

- 5+ years of experience in information security with a focus on GRC, risk management, or compliance.
- In-depth knowledge of regulatory frameworks and standards such as NIST 800-53, ISO 27001, PCI-DSS, HIPAA, GDPR, and SOC 2.
- Demonstrated ability to assess and communicate risk in business terms to both technical and non-technical stakeholders.
- Experience with risk registers and compliance tools.
- Strong interpersonal and communication skills, with demonstrated success collaborating across distributed and highly technical teams in a fully remote environment.
- Adaptable, flexible, and diplomatic in navigating ambiguity, shifting priorities, and differing work styles across time zones.
- Bachelor's degree in Information Systems, Cybersecurity, Business, or a related field.

Desired Skills:

- Relevant certifications such as CISSP, CISM, CRISC, CISA, or ISO 27001 Lead Implementer.
- Technical background in systems administration, engineering, or security tooling.
- Exposure to software application development.
- Strong planning, coordination, and organizational skills.
- Knowledge of application development environments and how security integrates into the Software Development Lifecycle.

Leadership Style and Expectations:

- Empowering, collaborative, and people-focused.
- Adaptable to varied team skill levels and project paces.
- Proactive, strategic thinker who can turn concepts into actionable plans.
- Advocates for security improvement initiatives while understanding business priorities and constraints.
- Demonstrated experience in mentoring, coaching, and supporting the growth of a diverse and distributed team.

This is an exciting opportunity to work with a highly innovative and creative team, in a great working environment using the latest technologies, methodologies, and frameworks.