Information Security Manager - Policy and Planning

Toss SecuritiesSeoul

On-site Full-time

Clicking Apply Now takes you to AutoApply where you can tailor your resume and apply.

Experience Level

Manager

Qualifications

Desired qualifications include:In-depth knowledge of information security laws and regulations. Proven experience in operating information security management systems and obtaining relevant certifications. Experience in security inspections, risk evaluations, and policy management. Experience in the financial or fintech sector is preferred. Demonstrated interest and understanding of security threats and modern IT environments.

About the job

Join Our Dynamic Team!

The Security Division at Toss Securities comprises the Security Policy Team and the Security Engineering Team. The Security Policy Team includes both the Information Security Manager and the Privacy Manager.
Our division receives robust support across the organization to ensure the safety of Toss Securities services, fostering close collaboration with all departments.
Team members actively share experiences and knowledge with peers in similar roles across our affiliates, working together to achieve shared objectives.
Our team consists of members with diverse experiences ranging from 1 to 20 years, most of whom have backgrounds in information security firms or as corporate information security officers.
This year, we aim to enhance our information security management system through global security standard certifications and focus on risk management centered around data flows and business processes, alongside conducting research for regulatory advancement.

Your Responsibilities:

Establish and manage information security policies in accordance with regulations such as the Electronic Financial Transactions Act, Credit Information Act, Information and Communications Network Act, and Personal Information Protection Act.
Oversee the establishment and maintenance of information security policies and manage domestic and international security certifications (ISMS-P, ISO/IEC 27001, 27701, 27017, 27018, PCI-DSS, etc.).
Identify and assess security risks, derive improvement tasks, and manage them effectively.
Respond to internal audits, inspections, and external agency assessments, and carry out post-management activities.
Conduct security training and campaigns for employees to enhance security awareness.
Assess the security of new services and technologies (cloud, DevOps, etc.) and improve policies accordingly.

Ideal Candidate Profile:

Strong understanding of information security regulations and compliance.
Experience in operating information security management systems and obtaining security certifications.
Hands-on experience in security audits, risk assessments, and policy management activities.
Experience in policy or planning roles within a financial or fintech environment is a plus.
Interest and understanding of security threats and the latest IT environments will be advantageous.

Joining Toss Securities:

Application Submission > Job Interview > Cultural Fit Interview > Reference Check > Compensation Negotiation > Final Offer & Onboarding

Please Note:

Any falsehoods found in resumes or application documents, or any disciplinary issues during employment history, may lead to cancellation of employment.
Individuals categorized as hiring prohibitions or disqualified under Toss Securities regulations may have their applications canceled.
Individuals with disabilities or who are veterans will be given preference in accordance with applicable laws.

A Message for Future Colleagues:

Work within a supportive environment to develop a robust information security management system.
All colleagues at Toss Securities recognize the importance of information security, and the Security Division is committed to fostering this understanding.
We are undertaking various challenges to present new cultures and trends while ensuring compliance with mandatory requirements, offering a chance to gain diverse experiences beyond conventional tasks.
We are looking for passionate colleagues who are eager to contribute to the security of Toss Securities and achieve explosive career growth.

About Toss Securities

At Toss Securities, we are committed to creating secure financial services through a collaborative effort across all departments. Our Security Division is dedicated to maintaining high standards of information security, and we encourage innovative thinking and approaches to enhance our security management system.

Similar jobs

Browse all companies, explore by city & role, or SEO search pages. View directory listings: all jobs, search results, location & role pages.

1 - 20 of 196 Jobs

Search for Chief Information Security Officer

196 results

Select all on this page (20)

Apply

Chief Information Security Officer

Zoyi

Full-time|On-site|서울 강남구 논현로 508, GS강남타워

채널톡은 기업의 지속가능한 성장을 돕는 '올인원 AI 메신저'입니다. 고객과 언제 어디서나 대화할 수 있는 환경을 만들어, 비즈니스의 방향성을 고객으로부터 찾을 수 있도록 돕고 있어요. 현재 '고객이 답이다'라는 철학으로 고객사의 고객 소통 경험을 변화시키고 있습니다. CRM 데이터 기반의 상담 경험 설계와 AI를 통한 반복 문의 자동화로 CS 효율화부터 고객 경험 개선까지, 채널톡 하나로 해결합니다. 한국을 넘어 일본 시장 점유율 20% 이상으로 업계 1위를 달성했고, 미국 진출도 시작했습니다. 글로벌 SaaS 기업으로 성장하는 여정 속에서, 국내·해외 인증 유지(ISMS, ISO 27001/27701/27017/27018)와 확대(I…

May 2, 2023

Apply

Information Security Officer

Channel Corporation

Full-time|On-site|Seoul

Join Our Dynamic Team The InfoSec team at Channel Corporation is dedicated to safeguarding our products, infrastructure, and customer data, seamlessly integrating security standards across our B2B offerings. We partner with our product team to enhance security without compromising speed, utilizing standardized methodologies, automation, and innovative security features to address risks throughout the development, deployment, and operational phases.Our approach to security is not limited to a single department; we aim to create an environment where every product team can develop with a secure default. The InfoSec team’s mission is to interconnect policies, governance, infrastructure security, and product security development to ensure robust security practices are inherent in every project.If you believe security is not merely about restrictions but about fostering trust and facilitating growth for our products, we invite you to apply to join the InfoSec team!

Feb 6, 2025

Apply

Information Security Manager

Toss Securities

Full-time|On-site|Seoul

About the Team You'll Join The Security Division at Toss Securities comprises the Security Policy Team and the Security Engineering Team, with the Security Policy Team including roles such as Information Security Manager and Privacy Manager. This division enjoys comprehensive support across the organization to create secure Toss Securities services and collaborates closely with all departments. Team members actively exchange experiences and knowledge with peers in similar roles across affiliates to achieve shared goals. The team consists of members with diverse experience ranging from 1 to 20 years, most of whom have backgrounds in information security firms and corporate information security roles. This year, we are focusing on enhancing our information security management system through global security standard certifications and prioritizing risk management based on data flow and business processes. We will also conduct research activities to advance regulatory frameworks. Responsibilities You'll Have Lead the establishment and operation of information security policies, as well as the acquisition and maintenance of domestic and international security certifications (ISMS-P, ISO/IEC 27001, 27701, 27017, 27018, PCI-DSS, etc.). Formulate and amend security policies in response to changes in legislation and regulations, and develop operational processes. Oversee internal audits, inspections, and external institution assessments, driving improvement initiatives. Establish and lead the security risk assessment and management processes. Plan and implement security awareness programs (training, campaigns) to foster a security-centric culture within the organization. Mentor junior colleagues and contribute to the growth of team capabilities. Ideal Candidate Profile Over 5 years of experience in information security policy and management system operations within the finance and electronic finance sectors. Proven experience leading the acquisition and maintenance of domestic and international security certifications. Strong background in responding to external organizations and validated risk management skills. Experience in designing and executing organizational policies and processes. Ability to identify and lead new security challenges in rapidly changing IT/service environments. Journey to Joining Toss Securities Application submission > Role interview > Cultural fit interview > Reference check > Compensation negotiation > Final acceptance and onboarding. Please Note Any discrepancies found in the resume or supporting documents, or any disciplinary issues in the work history may lead to cancellation of employment. Candidates identified as prohibited or disqualified under Toss Securities internal regulations may also have their applications canceled. Individuals with disabilities and those eligible for national veteran benefits are given preferential treatment in accordance with relevant laws. A Message for Future Colleagues You can create an information security management system with comprehensive organizational support. At Toss Securities, all colleagues share an understanding of the importance of information security, and the Security Division builds the management system based on this shared awareness. To establish a high-level information security management system, we not only comply with mandatory requirements but also embrace various challenges to present new cultures and trends. This means you will gain diverse experiences not confined to routine tasks. We are looking for passionate colleagues who want to contribute to the security of Toss Securities while experiencing explosive growth in their careers.

Mar 9, 2026

Apply

Information Security Manager

Toss Bank

Full-time|On-site|Seoul

About the Team You'll JoinThe Security Division at Toss Bank comprises the Security Policy Team, Privacy Protection Team, System Security Team, Network Security Team, Security Red Team, Security Blue Team, IT Service Team, and Security Audit Team.As an Information Security Manager within Toss Bank's Security Division, you will be responsible for ensuring that established security policies and standards are effectively implemented and monitored in real-world scenarios, and you will be part of the Security Policy Team.The Security Division collaborates with various teams to create a safe and trustworthy service. The Security Policy Team works closely with product organizations to establish secure services from a security strategy, certification, and policy management perspective, while also collaborating with Legal & Compliance, Platform Engineering, and Internal Audit for regulatory compliance and internal controls. This collaborative effort enhances teamwork towards common goals.Toss Bank's Security Division is dedicated to providing secure electronic financial transaction services and strives to embed security into user operations to ensure a consistently safe working environment. What You'll Be DoingEstablishing and managing security review and compliance criteria, and conducting assessments.Performing checks on critical information communication infrastructure, electronic financial infrastructure management systems, and cloud management frameworks.Preparing for and responding to information security certifications (such as PCI-DSS, ISO27001, ISMS-P).Verifying and checking security requirements when collaborating with external partners and organizations.Defining security architecture and requirements when implementing new IT technologies.Designing and standardizing the enterprise information security framework. Who We Would Like to Join UsA background in development security is a plus.An interest and understanding of security threats and the latest IT environments is desirable.For senior-level candidates, we need individuals who understand security requirements related to financial information protection compliance (laws, guidelines, etc.).Knowledge of new technologies such as MSA, K8S, and Cloud is essential.Understanding of financial IT systems and service architectures is necessary.High proficiency in information security architecture and security solutions is required.Capability to review network separation architecture and cloud service architecture suitable for the financial sector is needed.For junior-level candidates, an understanding of IT infrastructure (servers, networks, DBMS, endpoints, etc.) is necessary.Experience in preparing for and responding to information security certifications (such as PCI-DSS, ISO27001, ISMS-P) is critical.Experience in checking management systems for critical information communication infrastructures and electronic financial infrastructures is required.Ability to conduct checks according to security review criteria and provide guidance on improvements for identified deficiencies is essential. How to Craft Your ResumeProvide specific examples of your work experience.Share concrete examples of experience in management system checks, security reviews, or security architecture design and review in the relevant field.Include accomplishments or improvements achieved while performing security check and review tasks.Given the need for collaboration across various teams, highlight any experience in resolving complex problems with diverse organizations. Your Journey to Join Toss Bank

Mar 9, 2026

Apply

Information Security Manager

Toss Careers

Full-time|On-site|Seoul

Toss Careers is looking for an Information Security Manager based in Seoul. This position takes charge of the organization's security efforts, focusing on safeguarding data and infrastructure against threats. Key responsibilities Lead and grow a team of security professionals Work with teams throughout the company to spot and address vulnerabilities Apply security best practices across systems and processes Build and maintain a reliable security framework This role centers on proactive risk management and collaboration to ensure the company's information remains secure.

Apr 23, 2026

Apply

Security Audit Manager - Information Security Specialist

Toss Securities

Full-time|On-site|seoul

Join Our Team The Security Audit Manager at Toss Securities will be part of the Security Division, working within the dedicated Security Audit Team. This team is responsible for conducting independent internal audits across the entire information security management system, IT infrastructure, and data management frameworks. Collaboration with various teams is essential to create reliable financial services, covering areas including security, infrastructure, platforms, and products. The Security Audit Team consists of specialists focusing on Information Security Management Systems and Data Management, supporting the decisions of the CISO and CPO. Key Responsibilities Develop annual audit plans based on information security policies and relevant regulations, auditing the security management status of IT infrastructure and information security systems comprehensively. Evaluate the adequacy and compliance of critical information security areas, including access control, security policy implementation, and encryption management. Inspect compliance with security requirements in modern IT environments, such as cloud computing and open-source software, including vulnerability management practices. Assess the appropriateness of IT disaster recovery and security incident response processes, identifying areas for improvement. Objectively analyze audit results, drafting reports and proposing actionable improvement strategies for identified issues. Ideal Candidate Profile Proven experience in information security audits or consulting, with demonstrated leadership skills in evaluating and enhancing information security management systems. Expertise in IT infrastructure and security systems (firewalls, IPS/IDS, WAF, etc.), along with experience in vulnerability analysis and assessment. Deep understanding of information security management system certification standards (ISMS-P, ISO 27001, etc.) and relevant regulations for conducting audits. Proficiency in security auditing within modern technology environments, including MSA, Kubernetes, and Cloud. Excellent communication skills to facilitate effective collaboration across diverse teams. Resume Tips Highlight your experience in information security management system audits or internal controls, including specific examples relevant to the role. Include experiences of improving IT environments or information security activities through audit responses and self-assessments. Detail instances where you identified vulnerabilities and made recommendations that enhanced the organization's security posture. If you have security audit experience in cloud environments or emerging technologies, please emphasize that as well as any complex problem-solving experiences with various teams. Application Process with Toss Securities Submit Application > Job Interview > Cultural Fit Interview > Reference Check > Salary Negotiation > Final Offer and Onboarding Important Notes Any discrepancies found in the resume or reports of disciplinary actions during employment may lead to cancellation of the hiring process. Individuals disqualified from hiring according to Toss Securities regulations will not be considered. Persons with disabilities and national veterans are given preference in accordance with relevant laws.

Mar 10, 2026

Apply

Information Security Manager - Policy and Planning

Toss Securities

Full-time|On-site|Seoul

Join Our Dynamic Team!The Security Division at Toss Securities comprises the Security Policy Team and the Security Engineering Team. The Security Policy Team includes both the Information Security Manager and the Privacy Manager.Our division receives robust support across the organization to ensure the safety of Toss Securities services, fostering close collaboration with all departments.Team members actively share experiences and knowledge with peers in similar roles across our affiliates, working together to achieve shared objectives.Our team consists of members with diverse experiences ranging from 1 to 20 years, most of whom have backgrounds in information security firms or as corporate information security officers.This year, we aim to enhance our information security management system through global security standard certifications and focus on risk management centered around data flows and business processes, alongside conducting research for regulatory advancement. Your Responsibilities:Establish and manage information security policies in accordance with regulations such as the Electronic Financial Transactions Act, Credit Information Act, Information and Communications Network Act, and Personal Information Protection Act.Oversee the establishment and maintenance of information security policies and manage domestic and international security certifications (ISMS-P, ISO/IEC 27001, 27701, 27017, 27018, PCI-DSS, etc.).Identify and assess security risks, derive improvement tasks, and manage them effectively.Respond to internal audits, inspections, and external agency assessments, and carry out post-management activities.Conduct security training and campaigns for employees to enhance security awareness.Assess the security of new services and technologies (cloud, DevOps, etc.) and improve policies accordingly. Ideal Candidate Profile:Strong understanding of information security regulations and compliance.Experience in operating information security management systems and obtaining security certifications.Hands-on experience in security audits, risk assessments, and policy management activities.Experience in policy or planning roles within a financial or fintech environment is a plus.Interest and understanding of security threats and the latest IT environments will be advantageous. Joining Toss Securities:Application Submission > Job Interview > Cultural Fit Interview > Reference Check > Compensation Negotiation > Final Offer & Onboarding Please Note:Any falsehoods found in resumes or application documents, or any disciplinary issues during employment history, may lead to cancellation of employment.Individuals categorized as hiring prohibitions or disqualified under Toss Securities regulations may have their applications canceled.Individuals with disabilities or who are veterans will be given preference in accordance with applicable laws. A Message for Future Colleagues:Work within a supportive environment to develop a robust information security management system.All colleagues at Toss Securities recognize the importance of information security, and the Security Division is committed to fostering this understanding.We are undertaking various challenges to present new cultures and trends while ensuring compliance with mandatory requirements, offering a chance to gain diverse experiences beyond conventional tasks.We are looking for passionate colleagues who are eager to contribute to the security of Toss Securities and achieve explosive career growth.

Mar 10, 2026

Apply

Information Security Manager

Toss Care

Full-time|On-site|Seoul

Join our team as an Information Security Manager at Toss Care, where you will play a pivotal role in safeguarding our information assets and ensuring compliance with security policies. You will be responsible for developing and implementing security strategies, managing risk assessments, and leading initiatives to enhance our information security posture.

Apr 8, 2026

Apply

Chief Financial Officer (CFO)

zoyi

Full-time|On-site|서울 강남구 논현로 508, GS강남타워

In the era of AI, the role of a CFO transcends mere number management; it embodies the design of growth engines and capital events. The pace at which an AI startup grows is not solely determined by its products. It hinges on the timing and structure of capital acquisition, and how swiftly trust and distribution can be expanded based on that capital.The Channel Team is strategically positioned to lead the next growth phase, preparing to spearhead fundraising efforts with investors both in Korea and globally. We are seeking a visionary leader who can craft a roadmap for Pre-IPO/IPO, turning the company's next stage into a reality through capital strategy and execution rather than mere planning.

Feb 26, 2026

Apply

Information Security Manager (보안PM)

Toss Careers

Full-time|On-site|Seoul

We are seeking a skilled and dedicated Information Security Manager to join our dynamic team. In this role, you will be responsible for overseeing our information security strategy and ensuring the confidentiality, integrity, and availability of our data. You will collaborate with cross-functional teams to implement effective security measures and respond to security incidents.If you are passionate about protecting information assets and have a keen eye for detail, we would love to hear from you!

Apr 10, 2026

Apply

Security Engineer - Endpoint Security

Toss Bank

Full-time|On-site|Seoul

About the Team You Will Join The Security Division at Toss Bank comprises multiple teams including Security Policy, Privacy Protection, System Security, Network Security, Security Red Team, Security Blue Team, IT Service, and Security Audit. The Security Engineer (Endpoint Security) will work within the Security Division to manage various tasks aimed at protecting endpoints from external threats, particularly as part of the System Security Team. The Security Division collaborates with various teams to create secure and reliable services, and the System Security Team works closely with product organizations, Legal & Compliance, Platform Engineering, and Internal Audit to ensure security and regulatory compliance. We are dedicated to providing a secure environment for electronic financial transactions and to seamlessly integrating security into the daily operations of our users. Key Responsibilities Operate security solutions to protect Toss Bank's customers. Build, manage, and operate endpoint security solutions including Antivirus (AV), Data Loss Prevention (DLP), Network Access Control (NAC), and Endpoint Privilege Management (EPM). Ensure stable operation of endpoint security solutions and quickly resolve operational issues. Establish endpoint security policies for Windows and Mac OS and engage in proactive information security activities. Analyze events through endpoint security solutions and conduct threat response activities. Desired Qualifications A minimum of 5 years of experience in operating endpoint security solutions. Deep understanding of PC and server operating systems. Familiarity with basic networking and architecture concepts. Strong understanding of the operational principles and policies of endpoint security solutions. Experience with open-source endpoint security solutions and automation of security solutions is a plus. Application Instructions Please include detailed descriptions of your responsibilities and specific examples in your resume, as simple project lists may not be sufficient. We recommend submitting a portfolio along with your resume. Highlight your experiences and knowledge relevant to the job area in your application. In your portfolio, please document your studies or practical experiences in security technology and your level of understanding. Join Us at Toss Bank Application Submission > Job Interview > Cultural Fit Interview > Reference Check > Compensation Discussion > Final Acceptance and Onboarding Please Note Any discovery of false information in your resume or disciplinary actions during your employment history may result in cancellation of your application.

Mar 9, 2026

Apply

Security Engineer - AI Security

Daangn

Full-time|On-site|SEOUL

Welcome to the Daangn Team!At Daangn, we strive to create an environment where individuals can grow alongside the company's success.We are here to assist you in reaching that moment of joy while working with wonderful colleagues. Introducing the Security TeamThe Security Team aims to ensure that Daangn provides services securely. We defend against external attacks and prevent the leakage of valuable internal information. All our activities comply with various information protection laws and regulations. By understanding Daangn's business model, we provide clear standards that are implemented technically. Through these efforts, we create a reliable service that users can trust.Key ResponsibilitiesAssess and improve security risks in AI/ML-based service environments.Audit and manage access controls and security configurations for AI service components, including training data, model files, APIs, and infrastructure.Monitor and respond to security issues in LLM and generative AI environments, such as prompt injection and data leaks.Analyze AI service logs to detect anomalies, investigate security events, and resolve issues.Conduct security vulnerability assessments and actions during model deployment and operation.Establish and continuously improve security guidelines and policies.We Seek Candidates Who:Have experience in vulnerability assessments, penetration testing, or incident response.Are familiar with LLMs and understand the operational mechanisms of prompt-based services.Have a foundational understanding of cloud architecture (IAM, networking, storage) in platforms like AWS, GCP, or Azure.Possess basic knowledge of AI/ML or LLM service structures.Have experience in log analysis and root cause identification.Are proactive in addressing security issues, focusing on improvements rather than just reporting.Preferred Qualifications:Understanding of ML pipelines (data collection → training → deployment → monitoring).Experience with container environments such as Docker and Kubernetes.Have at least one year of experience in security, cloud, backend, or ML engineering.Have experience in improving repetitive tasks through security automation or scripting.Regularly learn about and share new AI security issues or trends.Additional InformationThere is a 3-month probation period for full-time hires.As per the Employment Promotion and Vocational Rehabilitation of Persons with Disabilities Act and the Act on the Honorable Treatment and Support of Veterans, individuals with disabilities and veterans will receive preferential hiring.

Mar 16, 2026

Apply

Security Engineer - Security Analysis Platform Operations

Tosscareers

Full-time|On-site|Seoul

#LI-DNI Join Our Dynamic Security Team! As a Security Engineer at Tosscareers, you will be part of the Information & Security Tribe, handling technical operations within the Security Purple Team and Security Green Team. The Security Purple Team is a hybrid of Red and Blue teams, focusing on event analysis, incident response, vulnerability assessments, penetration testing, and scenario-based threat modeling. We prioritize customer safety and collaborate closely with all teams to enhance Toss's security measures. Your Responsibilities Will Include: Designing, building, and operating SIEM (Splunk, Opensearch, Elasticsearch). Creating robust architectures for secure log collection across various environments (On-Prem, AWS, K8S). Ensuring stable operation and enhancement of log pipelines (NIFI, KAFKA, Hadoop). Establishing and managing logging/monitoring systems for performance optimization and incident response of the Security Data Platform (SIEM). Designing and normalizing standard models for various logs to improve log analysis efficiency. We Are Looking For Candidates Who: Have experience in designing and building scalable and optimized SIEM systems. Can identify and resolve issues in log collection, data loading, search, and query building processes. Have worked with heterogeneous security log pipelines in On-Prem and AWS environments (ETL, ELT). Have standardized various forms of security logs (OCSF, CIM, etc.) for easier analysis. Have automated tasks using Python scripting. Resume Tips: Detail specific examples of your work, particularly your roles in projects, the technologies used, and improvements made before and after. Explain any challenges faced during problem-solving and how you addressed them. If you have diverse problem-solving experiences (technical, managerial), provide concrete examples. Include specific cases where you applied learned technical skills to your work.

Mar 9, 2026

Apply

Security Analyst

Toss Bank

Full-time|On-site|Seoul

About the Team You’ll Join The Security Division at Toss Bank is composed of several specialized teams including Security Policy, Privacy Protection, System Security, Network Security, Security Red Team, Security Blue Team, IT Service, and Security Audit. As a Security Analyst at Toss Bank, you will be an integral part of the Security Blue Team, focusing on event analysis and incident response, as well as scenario-based threat modeling. The Security Division collaborates extensively with various teams to ensure the delivery of safe and reliable services. Notably, the Security Blue Team works closely with product organizations, Legal & Compliance, Platform Engineering, and Internal Audit to enhance service safety and compliance. Our commitment lies in securing electronic financial transactions for our customers and ensuring that security is seamlessly integrated into daily operations, providing a safe working environment. Your Responsibilities Analyze and respond to security threats and incidents affecting customer services and employee work environments. Identify security threats and design operational scenarios through various logs collected in the SIEM system. Respond to events detected by security monitoring and review blocking policies for security solutions like DDoS, IPS, IDS, WAF, and AV to prevent recurrence. Enhance operational efficiency through the automation of repetitive security tasks, allowing security personnel to focus on more strategic responsibilities. Ideal Candidate Profile Profound analytical skills for security events and logs, with a solid understanding of various attack techniques (TTPs) and Indicators of Compromise (IOC). Experience in deriving threats and responding through intrusion detection analysis tools and security solutions. Familiarity with creating advanced detection rules based on SIEM. Experience in developing automation scripts for security tasks using Python, PowerShell, or similar tools to improve operational efficiency. Please Include in Your Resume If you have actual incident response experience, please detail the type of incidents, analysis processes, responses, and follow-up actions step by step. Experience in threat modeling through various security logs and direct response efforts is highly valued. If you have automated security tasks using Python or PowerShell, please specify the purpose, implementation, and improvements in operational efficiency. Avoid simply listing results; instead, describe your understanding and learning throughout the project. Application Process at Toss Bank Application submission > Job interview > Cultural fit interview > Reference check > Compensation discussion > Final acceptance and onboarding. Important Notes Employment may be revoked if any false information is found in the resume or if there are disciplinary actions in work history. Applicants with disqualifications as per Toss Bank’s employment regulations may have their applications canceled. Individuals with disabilities or those eligible for national veterans' benefits will be prioritized in accordance with relevant laws.

Mar 9, 2026

Apply

[Coupang Pay] Personal Credit Information Protection Officer

Coupang Corp.

Full-time|On-site|z-Test & Templates Only

About Coupang Pay Coupang Pay is the fintech arm of Coupang Corp., developing financial service solutions for both consumers and sellers. The team builds payment and financial products for Coupang’s wide user base, including shoppers on Coupang.com, Coupang Eats customers, marketplace sellers, and franchise partners. With a focus on technology, Coupang Pay delivers features like one-touch payment services tailored for customers in South Korea and Taiwan. In lending, the division is expanding its Wow credit card partnership, which provides strong rewards. Coupang Pay is also introducing new liquidity options for sellers, including Korea’s first Banking as a Service (BaaS) offering. Team members in Coupang Pay gain hands-on experience at the intersection of finance and technology. The group’s mission is to streamline checkout, freeing up more time for customers to shop for what they enjoy.

Apr 16, 2026

Apply

Security Audit Manager

Toss Bank

Full-time|On-site|Seoul

About the Team You Will Join The Security Division at Toss Bank consists of several teams: Security Policy Team, Privacy Protection Team, System Security Team, Network Security Team, Security Red Team, Security Blue Team, IT Service Team, and Security Audit Team. The Security Audit Manager will be responsible for conducting regular and ad-hoc audits as well as overseeing compliance checks across the organization within the Security Audit Team. This division collaborates with various teams to create safe and reliable services at Toss Bank. The Security Audit Team works closely with product teams and legal, compliance, platform engineering, and internal audit teams to ensure compliance and internal control. The Security Division is committed to providing secure electronic financial transaction services and strives to embed security into the daily operations of its users. Responsibilities You Will Undertake Conduct regular and ad-hoc internal audits of Toss Bank’s information security activities. Respond to periodic and ad-hoc audits conducted by the internal audit team and manage IT and security aspects of internal control accounting audits. Perform internal checks on information security responsibilities and self-audits. Improve internal controls related to information security. Assess compliance activities across the organization and enhance procedures as necessary. Conduct checks related to safeguarding personal credit information. Perform internal audits on significant information security incidents and penalties occurring within financial institutions. Ideal Candidate Profile Understanding of IT and information security fundamentals is essential. Experience in IT or information security audits and assessments is required. In-depth knowledge of information security regulations, such as electronic financial supervision regulations, credit information industry regulations, and standards for ensuring the safety of personal data, is desired. Ability to understand and enhance internal control measures related to information security. Familiarity with emerging technologies such as MSA, Kubernetes, and Cloud is a plus. Excellent communication skills to collaborate effectively with various teams are necessary. Possession of information security audit certifications (CISA, CISSP, etc.) is advantageous. Application Recommendations Share specific examples of experiences related to internal/external audits or internal controls relevant to the job responsibilities. Include experiences that demonstrate improvements in IT environments or information security practices through audit responses and self-assessments. If you have experience solving complex problems in collaboration with various organizations, be sure to highlight that. Journey to Join Toss Bank Application submission > Job interview > Cultural fit interview > Reference check > Offer negotiation > Final acceptance Please Note If any false information is found in your resume or supporting documents, or if any disciplinary action during your employment history is confirmed, your application may be canceled. Applicants who fall under the disqualifying criteria as per Toss Bank’s employment regulations may have their applications revoked. Individuals with disabilities or who are veterans will receive preferential treatment in accordance with relevant laws.

Mar 9, 2026

Apply

System Security Team Leader

Toss Bank

Full-time|On-site|Seoul

About the Team You'll Join The Security Division at Toss Bank comprises several teams including the Security Policy Team, Privacy Protection Team, System Security Team, Network Security Team, Security Red Team, Security Blue Team, IT Service Team, and Security Audit Team. The System Security Team Leader is responsible for safeguarding devices and systems within Toss Bank against various external threats while leading the System Security Team. The Security Division collaborates with various teams to create a safe and reliable service for Toss Bank customers. The System Security Team, in particular, focuses on ensuring secure services from both system/device security and operational perspectives, working closely with product organizations, legal and compliance, platform engineering, and internal audit teams. Responsibilities You'll Have Develop and execute operational plans for device and system information security solutions to protect Toss Bank's customers, leading the team's technical growth and implementation. Design and enhance integrated security operations for device security, system security solutions, AI, and supply chain security. Establish strategies to ensure visibility from a systems security perspective and create an environment that supports optimal operations. Who We're Looking For Individuals with over 10 years of diverse experience in operating security solutions are essential. Experience in directly leading a security team of three or more members to achieve team objectives is highly desirable. Knowledge of operational strategies for device and system security solutions aimed at ensuring safe electronic financial transactions is necessary. Deep understanding of the principles of security solutions, with the ability to set standards for operational policies and guide team discussions for optimal decision-making is required. Experience in automating repetitive tasks to enhance productivity and a proven track record of deep diving into problem-solving are sought after. Familiarity with various open-source tools and the ability to utilize AI in work processes are preferred. Experience in script development using Bash, Python, and API utilization for system integration is necessary. Resume Submission Guidelines We recommend submitting a resume in a free format along with a portfolio. Your application should highlight experiences and knowledge relevant to the role. Present specific contexts and outcomes rather than simply listing responsibilities, focusing on how you solved problems. Detail your leadership experiences, including team size, operational methods, personal contributions, and team achievements. Include any experience in establishing security strategies or improving systems that influenced the entire organization. It would be beneficial to attach examples that demonstrate your technical depth, such as architectures you have designed, problem-solving processes, or automation outcomes. Your Journey to Joining Toss Bank Application submission and...

Apr 2, 2026

Apply

Security Engineer (Infrastructure Architect / 3+ Years Experience)

Toss Careers

Full-time|On-site|Seoul

About the Team You Will JoinThe Security Infrastructure team is dedicated to designing security architectures that ensure the safe expansion of Toss's business, implementing and automating these architectures in real-world environments.This team covers cloud, network, and endpoint security, directly designing and implementing security policies and controls based on key infrastructure.We select technology stacks, create log architectures, and access control models, building a structure that defends against actual threats rather than merely implementing security for security's sake.Our team consists of members with diverse experiences, primarily from corporate information security roles and specialized information protection companies.We are looking for individuals who start with the question of “Why?” to improve security structures and design safer, more efficient methods while balancing technology and business needs.Responsibilities You Will UndertakeDevelop and manage information security solutions that protect Toss's services and employee environments.Establish and operate an access control system for internal information systems.Build a network separation environment and information leak response systems in accordance with financial compliance.Plan and operate systems to enhance security visibility and access control systems.Conduct modern threat analysis and incorporate global trends while establishing AI-based detection and analysis systems and real-time response strategies.Additional ResponsibilitiesDesign, build, and operate infrastructure security architectures across cloud (AWS/GCP/Azure) and on-premises/hybrid environments, covering networks, servers, databases, and containers. You may focus on either cloud or network based on your strengths.Design and reliably implement core security policies like IAM, network segmentation, access control, and encryption (KMS) in real environments.Structure repetitive security operations based on IaC and automation while collaborating with other teams to establish actionable security standards.Analyze security events and breach incidents to design and fundamentally improve security structure, policies, and automation.Ideal CandidateWe are searching for individuals with over 3 years of relevant experience.You should have experience dealing with infrastructure across cloud, network, and systems, not limited to one area.Experience in enhancing detection and response systems using security solutions like CSPM/CNAPP, SIEM, EDR, WAF, and KMS is essential.Experience in designing or improving operational efficiency through security automation and IaC with tools like Terraform/CloudFormation, Ansible, and Python is required.You should have experience interpreting and integrating security requirements in financial and regulatory environments (ISMS-P, ISO27001, PCI-DSS).

Mar 9, 2026

Apply

Security Engineer (Military Service Personnel/Professional Research Personnel)

Toss

Full-time|On-site|Seoul

#LI-DNIAbout the Team You Will JoinThe Toss Security Team is responsible for maintaining the security framework and various compliance measures. It comprises a security policy group and a security engineering group that identifies security threats and develops strategies to address them.Our team collaborates closely with various departments such as IT, personal data, infrastructure, and platforms to ensure the security of Toss's diverse services and team members’ work environments.Additionally, team members regularly engage in weekly meetings with peers from affiliated companies to share insights and collaborate on specialized areas.Our team includes professionals with 5 to 20 years of experience, most of whom have backgrounds in cybersecurity firms or corporate information security.We aspire to be the 'world's best security team' by developing robust security frameworks to protect our customers' valuable information against hacking and external threats while complying with various regulations.Responsibilities You Will HaveYou will build and operate information security solutions to protect Toss's customer services and the work environments of employees.You will establish access control measures to safeguard Toss Community's information systems (DB, Server, Network, etc.) and manage security solutions.You will implement and manage security systems (network separation, data leakage prevention, etc.) necessary for compliance with financial regulations.Your role will also involve improving security visibility and management systems to create a safe working environment for Toss teams.Ideal CandidateWe are looking for someone with experience in building and operating network security systems such as FW, NAC, and Proxy, along with infrastructure architecture design.Experience in designing access control models and control solutions for servers and databases using SAC and DAC is essential.Experience in building and operating cloud-based infrastructure and services (IaaS - AWS, Azure, OpenStack, etc. / SaaS - Google Workspace, M365, etc.) with security management is required.Experience in implementing and managing IAM and SSO systems (OKTA, KeyCloak, etc.) and designing permission management frameworks is highly desired.Familiarity with UEM systems for user clients like MS Intune, Workspace ONE, or Jamf is a plus.Knowledge of Zero Trust-based network access control configurations and an understanding of authentication protocols like SAML, OpenID, OAuth is a significant advantage.Experience with domestic and international security certifications and financial regulations like ISO27001, ISO27701, PCI-DSS, ISMS-P, and knowledge of compliance systems is preferred.Resume RecommendationsWe recommend detailing your problem-solving skills and technical experiences related to building and operating security solutions, including automation.

Mar 9, 2026

Apply

[Coupang Pay] Principal - Personal (Credit) Information Protection Specialist

Coupang

Full-time|On-site|Seoul, South Korea

Coupang is seeking a Principal Personal (Credit) Information Protection Specialist based in Seoul. This position plays a central part in protecting sensitive customer data and supporting compliance efforts across the company. Key responsibilities Develop and implement security measures to safeguard personal and credit information Monitor data handling practices to ensure ongoing protection Ensure compliance with relevant data protection regulations Collaborate with teams across the organization to strengthen data protection strategies Promote awareness of information security throughout Coupang What we look for Strong background in data security and regulatory compliance Experience leading data protection initiatives Ability to work effectively with cross-functional teams Commitment to raising information security standards This role focuses on both strategic planning and hands-on implementation of information protection practices, helping Coupang maintain a secure environment for customer data.

Apr 30, 2026

Create account — see all 196 results

Browse all companies, explore by city & role, or SEO search pages. View directory listings: all jobs, search results, or location & role pages.