Payactiv
Information Security Senior Manager
Base Pay Range $210,000.00/yr – $250,000.00/yr
Job Title: Senior Cybersecurity / Information Security Manager
Location: Milpitas, CA (On-site)
Salary Range: 210K to 250K (based on experience)
Who We Are
Payactiv is a FinTech company in the heart of Silicon Valley, devoted to giving workers access to their earned wages when they need them. We are the pioneer and industry leader in Earned Wage Access, the only Certified B Corporation and Public Benefit Corporation in our industry. Our app provides millions with financial services that help them avoid debt, manage their finances, and regain flexibility to pay for things on their own schedule.
What You Will Do
Develop, implement, and maintain information security policies, procedures, and standards in alignment with business objectives and regulatory requirements.
Perform risk assessments, gap analyses, and threat modeling to identify security vulnerabilities and recommend mitigation strategies.
Conduct ongoing security and compliance assessments across cloud environments (AWS, Azure, GCP), focusing on:
Identity and Access Management (IAM) reviews
Access control evaluation and enforcement
Security group and firewall rule reviews
Cloud configuration and misconfiguration scanning
Cloud assurance reporting and remediation follow-up
Ensure compliance with major security frameworks and standards, including ISO/IEC 27001, SOC 2, PCI DSS, NIST CSF, and applicable regulatory requirements (e.g., HIPAA, GLBA, GDPR).
Lead internal security audits and support external audits by providing evidence, documentation, and technical guidance.
Perform application security assessments, including:
OWASP Top 10 testing
Secure code reviews
Vulnerability scanning
Penetration testing (manual and automated)
Monitor and respond to security alerts and incidents across applications and infrastructure using SIEM and other detection tools.
Administer and optimize security platforms (e.g., vulnerability management, endpoint protection, DLP, CSPM, compliance tooling).
Support sales and business development by completing security questionnaires (RFI/RFP) and providing accurate security and compliance documentation.
Perform third‑party/vendor risk assessments, ensuring alignment with internal policies and risk tolerance.
Partner with cross‑functional teams (Engineering, DevOps, Legal, Compliance, IT) to embed security and compliance best practices across systems, services, and processes.
Stay current with emerging cybersecurity threats, cloud security trends, frameworks, and best practices to enhance organizational defense posture.
What You Need
Education: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Systems, or a related field.
Experience: 8+ years in information security, focusing on cloud security assurance and GRC.
Cloud Knowledge: Strong familiarity with cloud security standards and tools in AWS, Azure, or GCP; experience with IAM audits, misconfiguration assessments (e.g., Prisma Cloud, Wiz, AWS Config, Azure Security Center).
Frameworks & Compliance: Deep understanding of ISO 27001, SOC 2, PCI DSS, NIST 800‑53/CSF, and other major frameworks.
Security Testing: Hands‑on experience with application security testing tools (Burp Suite, OWASP ZAP, Snyk, Nessus).
Tooling: Expertise with SIEM, vulnerability management, DLP, and CSPM.
Communication: Excellent written and verbal skills; ability to translate complex security topics into business language for stakeholders.
Preferred Certifications
CISSP, CISM, CCSP, ISO 27001 Lead Implementer
AWS/Azure/GCP security‑related certifications
GIAC (GSEC, GCSA, or similar), Security+
What We Offer
Company‑sponsored Health, Dental, and Vision insurance
Health, Dental, and Vision Reimbursement account
401(k) with company match (traditional and Roth)
Tuition Assistance or Tuition Reimbursement
Unlimited Paid Time Off
Monthly Gym Reimbursement
Paid time off to volunteer
Paid Family Leave
Complimentary office lunches
Opportunity to work with a great team committed to making a difference.
Seniority Level: Mid‑Senior
Employment Type: Full‑time
Job Function: Information Technology