About Pockit + Monese

Pockit and Monese are the all-in-one money apps that make it easy for people to access and manage the financial tools that put them in control of their money. We provide vital financial services, from e-money accounts through to income advance products to over three million customers across the UK and Europe. In October 2024, Pockit acquired Monese, creating the leading fintech for anyone who is budgeting, saving, or just trying to stay on top of their finances. Both firms are regulated by the FCA.

Following the acquisition of Monese, the business is on a trajectory of growth as the two organisations harmonise and integrate in both the UK and across Europe.

About the role:

We’re looking for a Head of Cyber Security to join our Technology team and define the security posture and data protection direction of the organisation as we consolidate the Monese and Pockit businesses. As a Head of Cyber Security, you’ll play a hands-on technical leadership role across different teams. You’ll drive the technical strategy for cloud security, secure development, vulnerability management, data protection and risk management.

What you’ll be doing:

• As Head of Cyber Security, you will lead the Security function in close collaboration with the Chief Technology Officer and the broader Tech leadership.

• As a Technical lead you will play a key role in the cloud security architecture, roadmap and technology strategy.

• You will ensure policy, standards and guidelines remain effective and consistently followed.

• You will verify that security patching is timely applied, and vulnerabilities are monitored and remediated in a proportionate way.

• You will oversee our Security Operations and Security Incident Response.

• You will commission and oversee penetration tests, working closely with both external testers and internal engineering teams to review findings and ensure that remediation actions are assigned and completed by the appropriate owners.

• You will promote a strong security culture across the Technology organisation, ensuring that security is embedded in all functions and not treated as a siloed activity.

• You will contribute to Business Continuity Planning (BCP), training people through desktop exercises, simulations and other methods, improving the organisation’s preparedness for real-world incidents.

• You will define and maintain KPIs and KRIs to monitor the status of our security risks, remediation efforts and ongoing initiatives within the DevSecOps domain.

What we are looking for:

• Strong understanding of current security standards and benchmarks.

• Solid knowledge of cloud-native security best practices, preferably on AWS; experience with the AWS Well-Architected Reviews program is a plus.

• Experience with financial regulatory requirements and industry standards such as ISO 27001, DORA, or the NIST CSF. Familiarity with the EBA Guidelines on ICT and Security Risk Management is a plus.

• Proven ability to work independently with minimal supervision while collaborating effectively across functions.

• Ability to oversee and guide a programme of security and technology improvements via a risk-based approach.

• Excellent communication skills, with the ability to articulate complex technical concepts to other Monesers and Leadership.

What benefits we offer

• Learning and development support scheme.

• Hybrid working.

• Enhanced sick days, day off on birthday, voluntary day, days off for a wedding and more.

• Private medical insurance.

• Working abroad flexibility.

• Ample opportunity for personal growth at one of the leading Fintech startups in Europe.

• Flat structure with open communication where everyone has a voice

• High degree of autonomy in a motivated and talented international team

• Monese+ Pockit premium account

Department

Technology

Locations

Estonia

Remote status

Hybrid

Already working at Monese?

Let’s recruit together and find your next colleague.