Information Security and Compliance Officer

About MONEYME:

MONEYME is a founder-led digital lender and Certified B Corporation. We challenge the traditional ways of credit and simplify the borrowing experience with digital-first experiences that meet the needs of modern consumers. We offer a range of fast, flexible, and competitively priced products that span our customers’ credit lifecycle, including personal loans, credit cards, and car loans. We deliver unrivalled customer experiences powered by smart technology, speed and efficiency.

We are for ambitious Australians that expect more from life and the companies they engage with. We uphold a strong ethos of sustainability and hold ourselves accountable to the high standards of the B Corp movement. Our culture is energetic and driven, and we continually challenge the status quo… we’re nothing like your traditional finance institution. We have recently been certified as a B Corp and a Great Place To Work. We’re proud to have built a culture where people feel heard, cared for, and empowered to push boundaries. We wouldn’t be able to continually improve and grow as a company without our diverse and exceptional team.

What we are looking for:

We are looking for a technically capable and compliance-focused Information Security Officer to help implement and operationalize MONEYME’s information security programs. This role requires hands-on experience with ISO 27001, working knowledge of PCI DSS and SOC 2, and the ability to understand and support the rollout of technical and procedural controls aligned with international standards.

The ideal candidate will have a strong foundation in information security practices, a clear understanding of how to manage and monitor controls, and the willingness to grow within a fast-paced, security-conscious environment. This role will work closely with the Cybersecurity Lead and other technical teams to help ensure that security initiatives are both practical and audit ready.

Responsibilities for this role will include:

• Support the execution and continuous improvement of the ISO/IEC 27001 ISMS, including control implementation, documentation, and internal audit readiness.
• Contribute to the development of audit-ready policies and procedures that align with ISO 27001, NIST CSF, CIS Controls, and applicable regulatory requirements.
• Conduct risk assessments, control validations, and compliance reviews to support ongoing risk management and certification efforts.
• Coordinate and document security-related audits, including evidence gathering and audit response tracking.
• Assist in collaboration with IT, Engineering, and Product teams to ensure security and compliance requirements are addressed during system and product changes.
• Monitor and interpret data from security dashboards and tools (e.g., SIEM, endpoint protection, vulnerability scanners) to validate control effectiveness and support audit evidence collection.
• Manage the security aspects of the vendor management program, including security reviews, onboarding assessments, and ongoing monitoring of third-party risk.
• Conduct Privacy Impact Assessments (PIA) and Business Impact Assessments (BIA) in accordance with privacy, regulatory, and operational requirements.
• Engage with stakeholders and advisors to support control testing, audit preparation, and continuous compliance initiatives.
  
  

To be successful in this role the following skills and experience would be useful but not all are mandatory:

• Practical knowledge and experience in end-to-end implementation of ISO/IEC 27001
• Sufficient technical inclination to understand, validate, and communicate the implementation of controls outlined in ISO/IEC 27001, ISO/IEC 27002, and PCI DSS.
• Proven experience in developing pragmatic Information Security strategies.
• Skilled in running cyber-security exercises and has demonstrated ability to work on security projects.
• Proven ability to communicate technical issues with non-technical and non-security focused people.
• Working knowledge of PCI DSS and SOC 2 standards and audit preparation.
• Ability to map and correlate controls across ISO, NIST, CIS, PCI DSS, and SOC 2 frameworks.
• Familiarity with technical security concepts.
• Strong ability to write policies and procedures that are technically accurate and audit compliant.
• Experienced in supporting or managing GRC (Governance, Risk, and Compliance) activities.
• Understanding of Australian (Privacy Act 1988) and Philippine (RA 10173) data privacy laws.
• Should have at least 1 certification as "ISO27001 Auditor" or similar.
• Excellent written and verbal communication skills across technical and non-technical audiences.
• Technical prowess and could navigate security dashboards
• Able to conduct security assessments of vendors and third parties.
• Self-motivated, organized, detail-oriented, and able to work independently or as part of a team.
• Willing to learn and grow alongside the company’s evolving security and compliance needs.
  
  

What’s in it for you:

MONEYME’s employees and culture are core to who we are. We know that without a high-performing and engaged Team MONEYME, we will not achieve our ambitious goals for the future. We are proud to offer a collaborative and fun work environment.

Some of the benefits & perks we offer for all our employees in Manila are:

• HMO on Day 1 + 1 free dependent
• 15 days of vacation leaves and 15 days of sick leave
• 1 birthday leave
• Health and wellbeing initiatives like weekly sports activities and MONEYME Olympics
• Fun filled company activities - summer outings, team building, team lunch or dinner, Halloween event, year-end party and so much more!
• Complimentary snacks in the office
• MONEYME Merchandise - hoodie, T-shirt, tumbler, notebook, and id lace
• Quarter champion awards & reward trips
  
  

At MONEYME we believe in rewarding hard work. When the business is winning, so are you and we’re always investing in our employees to lead new projects and develop people’s careers. We have quarterly awards, events, bonuses and more.

MONEYME Limited is an equal opportunity employer and we value diversity, equity, and inclusion. We are committed to creating a diverse and inclusive workplace and encourage applicants from all backgrounds to apply. We believe that the unique contribution of our employees is a key driver of our success. We stand together – our diversity and inclusion give us an edge.