Information Security Officer (US)

100% Remote - New York

Applications have closed
Form3 logo


Form3 provide an enterprise-grade payment technology platform on the cloud, built using microservices. The platform was designed, from inception to be highly scalable, adaptable and resilient. We adopt a ‘build to run’ development approach with...


Form3’s vision is to be the world’s most trusted provider of payment technology. We design, build and run the technology that powers the future of payments. The infosec office creates and implements policies and procedures that ensure our platform’s security is always being maintained, allowing our customers to continue to make faster, secure payments. This team offers you the ability to work with some of the largest financial companies globally but also refine and enhance your skill set and knowledge across the vast financial security sector. 


This is a challenging, exciting, varied and broad role. Some key duties include:

  • Maintaining and developing policies and procedures, consulting with project engineering teams on security principles.
  • Responding to customer audit requirements (Tier 1 Banks to Start-Ups)
  • Performing internal audits and assisting with external audits.
  • You’ll also be involved in security assurance of software and vendors, investigating escalated alerts from the SIEM.
  • Coordination of pentests (internal and external) and vulnerability remediation from findings
  • Managing and implementing security tools such as DLP and IPS
  • Management of information security risks across the organisation.

Some of our main security tools: Cloudflare, Trend Micro Deep Security, Alienvault USM, Carbon Black, Qualys, Jamf, Snyk, Hashicorp Vault in addition to native security tooling within AWS, Azure and GCP.

UK: Occasional travel to our London office will be required.
US: Occasional travel to our New York office will be required.
EU: Occasional travel to our Amsterdam office will be required.



  • Working knowledge of security frameworks and security controls e.g. NIST CSF, ISO22301, IS027001, ISAE3000/SOC2, GDPR and PCI DSS. (US: + FedRamp, Nacha, Data Protection Laws and Regulation, CCPA etc)
  • Exposure to security operations and application security best practices.
  • Experience developing, writing, implementing, auditing and improving information security policies and procedures aligned to relevant industry frameworks/standards to ensure that security and compliance accreditations are achieved and maintained.
  • Perform periodic internal audits, reviews and contribute to the continuous improvement of IT security standards, processes and procedures.
  • Ability to perform Business Impact Analysis, risk assessment and treatment.
  • Experience operating, maintaining, auditing and improving Vulnerability Management, SIEM and Threat Intelligence systems.
  • An extensive career in the security space, including GRC expertise and technical threat/vulnerability management experience.
  • Relevant certifications (CISSP etc.)


  • Experience in security incident response, forensic security investigations, management and remediation of identified and day zero vulnerabilities, alerts, threats and breaches.
  • Public Cloud Security experience.


  • 25 PTO days plus public holidays  
  • Remote friendly environment
  • Remote working equipment allowance
  • Health and wellness allowance
  • Flexible working arrangements
  • 401 (K)
  • Dental, Health and Life Insurance
  • Short-Term Disability Insurance
  • Full details are available on our careers page   

Form3 appreciates that we all lead different and often really busy lives. We work remotely 100% of the time and many of us work part time. If you’re interested in hearing what different flexible working arrangements may be available, we’d love to chat.   


We are an award-winning cloud-native payment technology provider for financially regulated institutions. Launched in 2016, we've doubled in size year on year as we continue to redefine what a truly instant payment experience means.    

We celebrate diversity, promote entrepreneurialism and are committed to giving everyone a say in shaping our business. Here you will grow as a person and accomplish incredible things. A career at Form3 is empowering, inspiring and fun. Join us and help shape the future of payments.       


At Form3 we embrace equal opportunity and are committed to building a diverse team of exceptional individuals. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status and it is our strong belief that the more inclusive we are as a business, the better our work will be.

As an inclusive employer, we guarantee to interview all disabled applicants who meet the minimum criteria for this role. We encourage all candidates who consider themselves to have a disability to notify us of any reasonable adjustments that may be required during the recruitment process. This includes providing job adverts in alternative, accessible formats or adjustments required at interview stage.

If you consider yourself to have a disability under the UN definition and would like to be considered under this scheme and/or require any reasonable adjustments please let us know by sending an email to clearly stating your consent for us to process this data.

For more information please refer to our Recruitment Data Policy.

* Salary range is an estimate based on our salary survey 💰

Tags: AlienVault Application security Audits AWS Azure CCPA CISSP Cloud Cloudflare Compliance FedRAMP GCP GDPR Incident response IPS ISO 22301 NIST PCI DSS Qualys Risk assessment SIEM SOC 2 Threat intelligence Vulnerabilities Vulnerability management

Perks/benefits: Career development Flex hours Flex vacation Health care Insurance Startup environment Wellness

Regions: Remote/Anywhere North America
Country: United States
Job stats:  9  1  0

Other jobs like this

Explore more Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.