Information Security Manager

Information Security Manager – Navro

Join to apply for the Information Security Managerb> role at Navro.

Location: London, UK (Hybrid: 2 days per week in the office)

Company: Navro – Pioneering the Future of Payments

Navro is a rapidly scaling B2B payments startup transforming payments for global platforms. The role is about building a security posture from the ground up.

• Day-to-day responsibility for security GRC and building version 2.0 of Navro’s Information Security Management System.
• Own security GRC automation tooling (Vanta) and maintain security compliance posture across the business.
• Lead internal and external security audits – ISO 27001 / SOC2 Type II / PCI-DSS.
• Champion company-wide security awareness and operational resilience through incident response and threat intelligence procedures.
• Lead, curate, and report on Navro’s ongoing security awareness programme, including phishing campaigns and secure dev training.
• Work with IT, SRE, and stakeholders on security policies, disaster recovery, and business continuity testing.
• Collaborate on client and vendor onboarding/offboarding, acting as primary contact for security due diligence.
• Project manage initiatives with product and engineering to embed “security by design” into products and services.
• Help make Navro’s security posture a value proposition – develop a Trust Centre and work with Marketing.

• GRC experience – security governance, risk, and compliance expertise and a related degree.
• Start‑up background – comfortable with ambiguity and rapid change.
• Tool proficiency – hands‑on experience with Vanta, KnowBe4, Google Workspace, Microsoft Entra, Wiz, etc.
• Detail‑obsessed with strong decision‑making skills.
• ISO 27001 certified ISMS experience, plus SOC2, PCI, etc. certifications a plus.
• Excellent collaboration and communication skills; ability to explain technical concepts in business terms.
• Knowledge of payments regulations (FCA, EMI, DORA, PSD2) is a plus.
• Passion, grit, and a willingness to learn quickly.

• 26 days annual leave (excluding bank holidays).
• Volunteering & compassionate leave.
• Maternity and paternity leave.
• Private healthcare.
• Company options scheme.
• Team socials.
• Interactive training and career framework.
• Flexibility for childcare or other appointments with advance notice.

Navro does not accept unsolicited resumes from search firms/recruiters. Navro will not pay any fees to search firms/recruiters unless an agreement has been entered into with respect to specific open position(s). Search firms/recruiters submitting resumes on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary.