Information Security Manager

Toss BankSeoul

On-site Full-time

Clicking Apply Now takes you to AutoApply where you can tailor your resume and apply.

Experience Level

Mid to Senior

Qualifications

Candidates should possess an understanding of security practices in the IT field, with specific experience in information security compliance and risk management being highly valued. Familiarity with industry standards and frameworks such as PCI-DSS, ISO27001, and ISMS-P will be advantageous.

About the job

About the Team You'll Join

The Security Division at Toss Bank comprises the Security Policy Team, Privacy Protection Team, System Security Team, Network Security Team, Security Red Team, Security Blue Team, IT Service Team, and Security Audit Team.
As an Information Security Manager within Toss Bank's Security Division, you will be responsible for ensuring that established security policies and standards are effectively implemented and monitored in real-world scenarios, and you will be part of the Security Policy Team.
The Security Division collaborates with various teams to create a safe and trustworthy service. The Security Policy Team works closely with product organizations to establish secure services from a security strategy, certification, and policy management perspective, while also collaborating with Legal & Compliance, Platform Engineering, and Internal Audit for regulatory compliance and internal controls. This collaborative effort enhances teamwork towards common goals.
Toss Bank's Security Division is dedicated to providing secure electronic financial transaction services and strives to embed security into user operations to ensure a consistently safe working environment.

What You'll Be Doing

Establishing and managing security review and compliance criteria, and conducting assessments.
Performing checks on critical information communication infrastructure, electronic financial infrastructure management systems, and cloud management frameworks.
Preparing for and responding to information security certifications (such as PCI-DSS, ISO27001, ISMS-P).
Verifying and checking security requirements when collaborating with external partners and organizations.
Defining security architecture and requirements when implementing new IT technologies.
Designing and standardizing the enterprise information security framework.

Who We Would Like to Join Us

A background in development security is a plus.
An interest and understanding of security threats and the latest IT environments is desirable.
For senior-level candidates, we need individuals who understand security requirements related to financial information protection compliance (laws, guidelines, etc.).
Knowledge of new technologies such as MSA, K8S, and Cloud is essential.
Understanding of financial IT systems and service architectures is necessary.
High proficiency in information security architecture and security solutions is required.
Capability to review network separation architecture and cloud service architecture suitable for the financial sector is needed.
For junior-level candidates, an understanding of IT infrastructure (servers, networks, DBMS, endpoints, etc.) is necessary.
Experience in preparing for and responding to information security certifications (such as PCI-DSS, ISO27001, ISMS-P) is critical.
Experience in checking management systems for critical information communication infrastructures and electronic financial infrastructures is required.
Ability to conduct checks according to security review criteria and provide guidance on improvements for identified deficiencies is essential.

How to Craft Your Resume

Provide specific examples of your work experience.
Share concrete examples of experience in management system checks, security reviews, or security architecture design and review in the relevant field.
Include accomplishments or improvements achieved while performing security check and review tasks.
Given the need for collaboration across various teams, highlight any experience in resolving complex problems with diverse organizations.

Your Journey to Join Toss Bank

About Toss Bank

Toss Bank is committed to creating a secure and reliable banking experience through its dedicated Security Division, which collaborates with various teams to innovate and maintain a high standard of security across all banking services.

1 - 20 of 626 Jobs

Search for Security Audit Manager Data Protection And Management

626 results

Select all on this page (20)

Apply

Security Audit Manager - Data Protection and Management

Toss Securities

Full-time|On-site|seoul

# Join Our Team- As a Security Audit Manager at Toss Securities, you will play a pivotal role within our Security Audit Team in the Security Division.- The Security Audit Team is responsible for conducting independent internal audits across the entirety of our information security management system, IT infrastructure, information security systems, and overal…

Mar 10, 2026

Apply

Security Audit Manager

Toss Bank

Full-time|On-site|Seoul

About the Team You Will Join The Security Division at Toss Bank consists of several teams: Security Policy Team, Privacy Protection Team, System Security Team, Network Security Team, Security Red Team, Security Blue Team, IT Service Team, and Security Audit Team. The Security Audit Manager will be responsible for conducting regular and ad-hoc audits as well as overseeing compliance checks across the organization within the Security Audit Team. This division collaborates with various teams to create safe and reliable services at Toss Bank. The Security Audit Team works closely with product teams and legal, compliance, platform engineering, and internal audit teams to ensure compliance and internal control. The Security Division is committed to providing secure electronic financial transaction services and strives to embed security into the daily operations of its users. Responsibilities You Will Undertake Conduct regular and ad-hoc internal audits of Toss Bank’s information security activities. Respond to periodic and ad-hoc audits conducted by the internal audit team and manage IT and security aspects of internal control accounting audits. Perform internal checks on information security responsibilities and self-audits. Improve internal controls related to information security. Assess compliance activities across the organization and enhance procedures as necessary. Conduct checks related to safeguarding personal credit information. Perform internal audits on significant information security incidents and penalties occurring within financial institutions. Ideal Candidate Profile Understanding of IT and information security fundamentals is essential. Experience in IT or information security audits and assessments is required. In-depth knowledge of information security regulations, such as electronic financial supervision regulations, credit information industry regulations, and standards for ensuring the safety of personal data, is desired. Ability to understand and enhance internal control measures related to information security. Familiarity with emerging technologies such as MSA, Kubernetes, and Cloud is a plus. Excellent communication skills to collaborate effectively with various teams are necessary. Possession of information security audit certifications (CISA, CISSP, etc.) is advantageous. Application Recommendations Share specific examples of experiences related to internal/external audits or internal controls relevant to the job responsibilities. Include experiences that demonstrate improvements in IT environments or information security practices through audit responses and self-assessments. If you have experience solving complex problems in collaboration with various organizations, be sure to highlight that. Journey to Join Toss Bank Application submission > Job interview > Cultural fit interview > Reference check > Offer negotiation > Final acceptance Please Note If any false information is found in your resume or supporting documents, or if any disciplinary action during your employment history is confirmed, your application may be canceled. Applicants who fall under the disqualifying criteria as per Toss Bank’s employment regulations may have their applications revoked. Individuals with disabilities or who are veterans will receive preferential treatment in accordance with relevant laws.

Mar 9, 2026

Apply

Security Audit Manager - Information Security Specialist

Toss Securities

Full-time|On-site|seoul

Join Our Team The Security Audit Manager at Toss Securities will be part of the Security Division, working within the dedicated Security Audit Team. This team is responsible for conducting independent internal audits across the entire information security management system, IT infrastructure, and data management frameworks. Collaboration with various teams is essential to create reliable financial services, covering areas including security, infrastructure, platforms, and products. The Security Audit Team consists of specialists focusing on Information Security Management Systems and Data Management, supporting the decisions of the CISO and CPO. Key Responsibilities Develop annual audit plans based on information security policies and relevant regulations, auditing the security management status of IT infrastructure and information security systems comprehensively. Evaluate the adequacy and compliance of critical information security areas, including access control, security policy implementation, and encryption management. Inspect compliance with security requirements in modern IT environments, such as cloud computing and open-source software, including vulnerability management practices. Assess the appropriateness of IT disaster recovery and security incident response processes, identifying areas for improvement. Objectively analyze audit results, drafting reports and proposing actionable improvement strategies for identified issues. Ideal Candidate Profile Proven experience in information security audits or consulting, with demonstrated leadership skills in evaluating and enhancing information security management systems. Expertise in IT infrastructure and security systems (firewalls, IPS/IDS, WAF, etc.), along with experience in vulnerability analysis and assessment. Deep understanding of information security management system certification standards (ISMS-P, ISO 27001, etc.) and relevant regulations for conducting audits. Proficiency in security auditing within modern technology environments, including MSA, Kubernetes, and Cloud. Excellent communication skills to facilitate effective collaboration across diverse teams. Resume Tips Highlight your experience in information security management system audits or internal controls, including specific examples relevant to the role. Include experiences of improving IT environments or information security activities through audit responses and self-assessments. Detail instances where you identified vulnerabilities and made recommendations that enhanced the organization's security posture. If you have security audit experience in cloud environments or emerging technologies, please emphasize that as well as any complex problem-solving experiences with various teams. Application Process with Toss Securities Submit Application > Job Interview > Cultural Fit Interview > Reference Check > Salary Negotiation > Final Offer and Onboarding Important Notes Any discrepancies found in the resume or reports of disciplinary actions during employment may lead to cancellation of the hiring process. Individuals disqualified from hiring according to Toss Securities regulations will not be considered. Persons with disabilities and national veterans are given preference in accordance with relevant laws.

Mar 10, 2026

Apply

IT Audit Manager

Toss Securities

Full-time|On-site|Seoul

About the Team You'll Join The IT Governance, Risk Management, and Compliance (GRC) team at Toss Securities is dedicated to establishing standards for IT operations and identifying internal risks to foster improvements. The IT Audit Manager within the IT GRC team will gain comprehensive knowledge in both IT technologies and securities operations, leveraging expertise to identify and mitigate risks. Join a collaborative team where diverse experiences converge to solve challenges and foster growth. We welcome applications from individuals eager to tackle new tasks and engage in problem-solving processes. Your Responsibilities Create and implement annual audit plans, conducting regular and ad-hoc IT audits. Manage internal and external reporting when IT incidents occur. Respond to audits conducted by external auditors concerning IT internal control systems. Provide support for examinations by regulatory bodies such as the Financial Supervisory Service. Develop and operate IT internal control policies that promote innovation while ensuring compliance with electronic financial transaction laws and regulations. We Are Looking For Individuals with a minimum of 5 years of experience in IT and auditing roles. Proficiency in understanding and interpreting domestic and international regulations, including electronic financial supervision regulations. Strong communication and collaboration skills across diverse organizations. Ability to draft audit reports and related documentation clearly and effectively. Preferred Qualifications Experience in audit roles and examinations by external entities is advantageous. Possession of audit-related certifications such as CISA, CISSP, or CIA, as well as IT-related certifications, is a plus. Experience in internal control departments of financial institutions (audit teams, IT audit teams, compliance teams, etc.) is preferred. Background in IT planning, development, operations, and project participation is desirable. Resume Tips If you have concrete examples of how you have identified and mitigated risks through internal audits or similar roles, please include them. Detail any challenges you faced in implementing internal control improvements or new operational procedures, and how you overcame them. Include any IT-related roles you have held outside of internal audits or internal controls. If you have experience with regulatory examinations (e.g., from the Financial Supervisory Service), please describe your role and contributions. The Journey to Joining Toss Securities Application submission > Job interview > Cultural fit interview > Reference check > Compensation discussion > Final acceptance and onboarding. Please Note Any discovered discrepancies in resumes or disciplinary actions in employment history may result in cancellation of employment offers. Hiring may be canceled for candidates disqualified under Toss Securities' internal regulations. A Note for Future Colleagues“Let’s build an IT audit framework unique to Toss Securities together.”At Toss Securities, the IT audit role offers a remarkable opportunity to enhance and expand traditional control techniques and processes in a dynamic environment. We encourage those seeking new experiences and growth to apply!

Mar 10, 2026

Apply

IT Internal Audit Manager

Toss Bank

Full-time|On-site|Seoul

About the Internal Audit Team at Toss Bank The Internal Audit Team at Toss Bank works to protect both customers and colleagues from a range of internal and external risks. The group includes professionals with more than 10 years of auditing experience, bringing varied backgrounds and a focus on practical, efficient audit strategies. Audits cover multiple domains and are carried out in partnership with other teams according to the annual audit plan. Insights from these audits drive real improvements, not just reports, thanks to strong teamwork and a commitment to actionable results. What You Will Do Create and execute a long-term IT audit strategy, ensuring systematic audit operations. Lead thematic and special audits to address IT and security concerns. Manage financial incident reporting and investigations, and coordinate responses to regulatory bodies. Who We’re Looking For Background in internal audit, compliance, or information security (including data protection) is required. Solid understanding of IT and information security regulations, with experience in compliance checks. Hands-on knowledge of information security controls such as network architecture, access control, account management, and log management is preferred. Experience with policy management and tools for hacking prevention, data breach prevention, and monitoring is a plus. Familiarity with incident investigations involving IT failures, breaches, or data leaks is valued. Experience with continuous monitoring tasks (such as FDS or rule-based data leak detection) is desirable. Resume Tips Describe specific examples of managing risks and driving improvements through internal audit or similar roles. Share how you addressed resistance from operational departments to internal control changes, and how you overcame these situations. Mention IT and security-related responsibilities beyond internal audit or IT controls, if applicable. If you’ve worked with regulatory bodies like the Financial Supervisory Service, detail your contributions during inspections. Application Process Submit application Job interview Cultural fit interview Reference check Salary negotiation Final acceptance and onboarding

Apr 17, 2026

Apply

Audit Operations Manager

Toss Careers

Full-time|On-site|Seoul

We are seeking an experienced and dynamic Audit Operations Manager to join our team. In this pivotal role, you will oversee and enhance our audit processes, ensuring compliance and operational excellence. You will play a crucial part in fostering a culture of accountability and continuous improvement within our organization.As the Audit Operations Manager, you will be responsible for developing audit strategies, leading audit teams, and working closely with various departments to ensure best practices are implemented. Your analytical skills will help identify risks and opportunities, while your leadership will guide your team towards achieving our organizational goals.

Apr 8, 2026

Apply

IT Audit Manager

Toss Bank

Full-time|On-site|Seoul

# Join Our Team The IT Audit Manager at Toss Bank will be part of the internal IT audit team. This team collaborates closely with departments related to platform, infrastructure, security, and compliance to ensure adherence to IT regulations. # Responsibilities Evaluate and improve internal control procedures to comply with the Electronic Financial Transactions Act and Electronic Financial Supervision Regulations. Prepare and respond to documentation related to IT internal controls as required by regulatory and certification bodies. Identify deficiencies through internal audits and propose improvement directions. Establish annual audit plans and perform regular and ad-hoc IT audit activities. # Ideal Candidate Must possess comprehensive knowledge of IT and a strong understanding of the development environment. Experience in conducting self-checks or audits is essential. Experience with program controls and computerized ledger controls in accordance with electronic financial supervision regulations is required. Experience with responses to regulatory inspections is necessary. Experience in similar roles within financial institutions is preferred. # Resume Tips Include experiences where you identified deficiencies and suggested improvements through self-checks or audits. Detail your experiences with comprehensive inspections by regulatory bodies, IT audits by accounting firms, and responses to external certification audits. # Joining the Toss Bank Journey Application submission > Job interview > Cultural fit interview > Reference check > Salary negotiation > Final selection # Important Notes Any false information found in resumes or documents, or disciplinary issues in work history may lead to cancellation of employment. Applicants who fall under the disqualification criteria as per Toss Bank’s employment regulations may have their applications revoked. Individuals with disabilities or national veterans are given preference in accordance with relevant laws. # A Message for Future Colleagues “Our goal is to establish a new standard for IT internal controls that is distinct from the rigid frameworks of traditional financial institutions.” The IT internal controls at Toss Bank are developed by asking fundamental questions: ‘Why do we do this? What are we trying to protect?’ We aim to distinguish between what is essential to follow and what is beneficial to implement, creating internal controls that allow IT organizations to operate efficiently. We foster a flexible work environment with no unnecessary reporting, enabling swift decision-making, and allowing for flexible working hours and remote work to enhance focus and productivity. If you are excited about establishing new IT internal controls in a dynamic environment, we welcome you!”

Mar 9, 2026

Apply

Privacy Manager

Toss Securities

Full-time|On-site|Seoul

Join Our TeamThe Security Division at Toss Securities is comprised of the Security Policy Team and the Security Engineering Team. The Security Policy Team includes roles such as Information Security Manager and Privacy Manager.Our division receives comprehensive support across the organization to create a secure Toss Securities service and collaborates closely with all departments.Team members actively share experiences and insights with colleagues in similar roles across subsidiaries to achieve common goals.Our team consists of members with diverse experience ranging from 1 to 20 years, most of whom have a background in information security companies and corporate information security roles.This year, we aim to enhance our information security and privacy management systems through global security standard certifications, focusing on risk management driven by data flow and business processes. Additionally, we will engage in research activities to advance regulatory compliance.

Mar 9, 2026

Apply

Privacy Manager

Toss Securities

Full-time|On-site|Seoul

About the Team You Will Join The Security Division of Toss Securities comprises the Security Policy Team and the Security Engineering Team. The Security Policy Team includes roles such as Information Security Manager and Privacy Manager. The Security Division receives comprehensive support across the organization to create secure Toss Securities services and collaborates closely with all departments. Team members actively exchange experiences and knowledge with peers in the same roles across subsidiaries to achieve common goals through collaboration. The team consists of members with varying levels of experience, ranging from 1 to 20 years, most of whom have backgrounds in information security firms or as corporate information security officers. This year, we aim to strengthen our information security and privacy management systems through global security standard certifications and focus on risk management driven by data flow and business processes. Additionally, we will conduct research activities to advance regulations. Responsibilities You Will Take On Lead the establishment and operation of privacy policies and the acquisition and maintenance of domestic and international security certifications (ISMS-P, ISO/IEC 27001, 27701, 27017, 27018, PCI-DSS, etc.). Design and operate processes for consent of personal (credit) information collection and usage, privacy policies, subcontracting contracts, and security agreements. Lead internal audits, inspections, and external agency assessments, driving improvement activities. Design and implement processes to prevent and respond to personal information breach incidents. Plan and operate privacy training and campaigns within the organization, promoting a culture of security. Mentor junior team members to enhance team capabilities collectively. We Are Looking for Someone Who Has over 5 years of experience in privacy and information security within the financial and electronic finance sectors. Has direct experience leading the development of privacy agreements, terms, and internal regulations. Possesses experience in managing privacy policies, subcontracting, and security agreements. Has experience leading the acquisition and maintenance of domestic and international information security and privacy certifications. Can identify and lead new privacy challenges in a rapidly changing IT/service environment. Resume Submission Tips If you have achievements that have enhanced the level of privacy protection, please write them with specific details. If you have encountered conflicts between privacy regulations and business objectives, provide case studies detailing the rationale behind your decisions. Your Journey to Joining Toss Securities Application submission > Job interview > Cultural fit interview > Reference check > Salary negotiation > Final acceptance and onboarding. Please Note If any false information is found in your resume or submitted documents, or if any disciplinary actions are confirmed during your employment history, your application may be canceled. Applicants who fall under the company's hiring restrictions or have disqualifying factors may have their applications canceled. Individuals with disabilities and those eligible for national veterans' benefits are given preferential treatment in accordance with relevant laws. A Word for Future Colleagues > "I find it satisfying to be able to gain diverse experiences in a dynamic environment."

Mar 10, 2026

Apply

Information Security Manager

Toss Securities

Full-time|On-site|Seoul

About the Team You'll Join The Security Division at Toss Securities comprises the Security Policy Team and the Security Engineering Team, with the Security Policy Team including roles such as Information Security Manager and Privacy Manager. This division enjoys comprehensive support across the organization to create secure Toss Securities services and collaborates closely with all departments. Team members actively exchange experiences and knowledge with peers in similar roles across affiliates to achieve shared goals. The team consists of members with diverse experience ranging from 1 to 20 years, most of whom have backgrounds in information security firms and corporate information security roles. This year, we are focusing on enhancing our information security management system through global security standard certifications and prioritizing risk management based on data flow and business processes. We will also conduct research activities to advance regulatory frameworks. Responsibilities You'll Have Lead the establishment and operation of information security policies, as well as the acquisition and maintenance of domestic and international security certifications (ISMS-P, ISO/IEC 27001, 27701, 27017, 27018, PCI-DSS, etc.). Formulate and amend security policies in response to changes in legislation and regulations, and develop operational processes. Oversee internal audits, inspections, and external institution assessments, driving improvement initiatives. Establish and lead the security risk assessment and management processes. Plan and implement security awareness programs (training, campaigns) to foster a security-centric culture within the organization. Mentor junior colleagues and contribute to the growth of team capabilities. Ideal Candidate Profile Over 5 years of experience in information security policy and management system operations within the finance and electronic finance sectors. Proven experience leading the acquisition and maintenance of domestic and international security certifications. Strong background in responding to external organizations and validated risk management skills. Experience in designing and executing organizational policies and processes. Ability to identify and lead new security challenges in rapidly changing IT/service environments. Journey to Joining Toss Securities Application submission > Role interview > Cultural fit interview > Reference check > Compensation negotiation > Final acceptance and onboarding. Please Note Any discrepancies found in the resume or supporting documents, or any disciplinary issues in the work history may lead to cancellation of employment. Candidates identified as prohibited or disqualified under Toss Securities internal regulations may also have their applications canceled. Individuals with disabilities and those eligible for national veteran benefits are given preferential treatment in accordance with relevant laws. A Message for Future Colleagues You can create an information security management system with comprehensive organizational support. At Toss Securities, all colleagues share an understanding of the importance of information security, and the Security Division builds the management system based on this shared awareness. To establish a high-level information security management system, we not only comply with mandatory requirements but also embrace various challenges to present new cultures and trends. This means you will gain diverse experiences not confined to routine tasks. We are looking for passionate colleagues who want to contribute to the security of Toss Securities while experiencing explosive growth in their careers.

Mar 9, 2026

Apply

[Coupang Pay] Principal - Personal (Credit) Information Protection Specialist

Coupang

Full-time|On-site|Seoul, South Korea

Coupang is seeking a Principal Personal (Credit) Information Protection Specialist based in Seoul. This position plays a central part in protecting sensitive customer data and supporting compliance efforts across the company. Key responsibilities Develop and implement security measures to safeguard personal and credit information Monitor data handling practices to ensure ongoing protection Ensure compliance with relevant data protection regulations Collaborate with teams across the organization to strengthen data protection strategies Promote awareness of information security throughout Coupang What we look for Strong background in data security and regulatory compliance Experience leading data protection initiatives Ability to work effectively with cross-functional teams Commitment to raising information security standards This role focuses on both strategic planning and hands-on implementation of information protection practices, helping Coupang maintain a secure environment for customer data.

Apr 30, 2026

Apply

[Coupang Financial] Personal (Credit) Information Protection Specialist

Coupang

Full-time|On-site|Seoul, South Korea

Role overview Coupang Financial is hiring a Personal (Credit) Information Protection Specialist based in Seoul, South Korea. The position centers on protecting sensitive customer data and upholding strong information security standards. Main responsibilities Develop and maintain data protection policies for the organization Monitor compliance with local regulations related to personal and credit information Work closely with teams across departments to enhance security practices Impact This role plays a key part in safeguarding customers' personal and credit information, reinforcing Coupang Financial's focus on data privacy and security.

Apr 22, 2026

Apply

Information Security Manager

Toss Bank

Full-time|On-site|Seoul

About the Team You'll JoinThe Security Division at Toss Bank comprises the Security Policy Team, Privacy Protection Team, System Security Team, Network Security Team, Security Red Team, Security Blue Team, IT Service Team, and Security Audit Team.As an Information Security Manager within Toss Bank's Security Division, you will be responsible for ensuring that established security policies and standards are effectively implemented and monitored in real-world scenarios, and you will be part of the Security Policy Team.The Security Division collaborates with various teams to create a safe and trustworthy service. The Security Policy Team works closely with product organizations to establish secure services from a security strategy, certification, and policy management perspective, while also collaborating with Legal & Compliance, Platform Engineering, and Internal Audit for regulatory compliance and internal controls. This collaborative effort enhances teamwork towards common goals.Toss Bank's Security Division is dedicated to providing secure electronic financial transaction services and strives to embed security into user operations to ensure a consistently safe working environment. What You'll Be DoingEstablishing and managing security review and compliance criteria, and conducting assessments.Performing checks on critical information communication infrastructure, electronic financial infrastructure management systems, and cloud management frameworks.Preparing for and responding to information security certifications (such as PCI-DSS, ISO27001, ISMS-P).Verifying and checking security requirements when collaborating with external partners and organizations.Defining security architecture and requirements when implementing new IT technologies.Designing and standardizing the enterprise information security framework. Who We Would Like to Join UsA background in development security is a plus.An interest and understanding of security threats and the latest IT environments is desirable.For senior-level candidates, we need individuals who understand security requirements related to financial information protection compliance (laws, guidelines, etc.).Knowledge of new technologies such as MSA, K8S, and Cloud is essential.Understanding of financial IT systems and service architectures is necessary.High proficiency in information security architecture and security solutions is required.Capability to review network separation architecture and cloud service architecture suitable for the financial sector is needed.For junior-level candidates, an understanding of IT infrastructure (servers, networks, DBMS, endpoints, etc.) is necessary.Experience in preparing for and responding to information security certifications (such as PCI-DSS, ISO27001, ISMS-P) is critical.Experience in checking management systems for critical information communication infrastructures and electronic financial infrastructures is required.Ability to conduct checks according to security review criteria and provide guidance on improvements for identified deficiencies is essential. How to Craft Your ResumeProvide specific examples of your work experience.Share concrete examples of experience in management system checks, security reviews, or security architecture design and review in the relevant field.Include accomplishments or improvements achieved while performing security check and review tasks.Given the need for collaboration across various teams, highlight any experience in resolving complex problems with diverse organizations. Your Journey to Join Toss Bank

Mar 9, 2026

Apply

Information Security Manager

Toss Careers

Full-time|On-site|Seoul

Toss Careers is looking for an Information Security Manager based in Seoul. This position takes charge of the organization's security efforts, focusing on safeguarding data and infrastructure against threats. Key responsibilities Lead and grow a team of security professionals Work with teams throughout the company to spot and address vulnerabilities Apply security best practices across systems and processes Build and maintain a reliable security framework This role centers on proactive risk management and collaboration to ensure the company's information remains secure.

Apr 23, 2026

Apply

Information Security Manager - Policy and Planning

Toss Securities

Full-time|On-site|Seoul

Join Our Dynamic Team!The Security Division at Toss Securities comprises the Security Policy Team and the Security Engineering Team. The Security Policy Team includes both the Information Security Manager and the Privacy Manager.Our division receives robust support across the organization to ensure the safety of Toss Securities services, fostering close collaboration with all departments.Team members actively share experiences and knowledge with peers in similar roles across our affiliates, working together to achieve shared objectives.Our team consists of members with diverse experiences ranging from 1 to 20 years, most of whom have backgrounds in information security firms or as corporate information security officers.This year, we aim to enhance our information security management system through global security standard certifications and focus on risk management centered around data flows and business processes, alongside conducting research for regulatory advancement. Your Responsibilities:Establish and manage information security policies in accordance with regulations such as the Electronic Financial Transactions Act, Credit Information Act, Information and Communications Network Act, and Personal Information Protection Act.Oversee the establishment and maintenance of information security policies and manage domestic and international security certifications (ISMS-P, ISO/IEC 27001, 27701, 27017, 27018, PCI-DSS, etc.).Identify and assess security risks, derive improvement tasks, and manage them effectively.Respond to internal audits, inspections, and external agency assessments, and carry out post-management activities.Conduct security training and campaigns for employees to enhance security awareness.Assess the security of new services and technologies (cloud, DevOps, etc.) and improve policies accordingly. Ideal Candidate Profile:Strong understanding of information security regulations and compliance.Experience in operating information security management systems and obtaining security certifications.Hands-on experience in security audits, risk assessments, and policy management activities.Experience in policy or planning roles within a financial or fintech environment is a plus.Interest and understanding of security threats and the latest IT environments will be advantageous. Joining Toss Securities:Application Submission > Job Interview > Cultural Fit Interview > Reference Check > Compensation Negotiation > Final Offer & Onboarding Please Note:Any falsehoods found in resumes or application documents, or any disciplinary issues during employment history, may lead to cancellation of employment.Individuals categorized as hiring prohibitions or disqualified under Toss Securities regulations may have their applications canceled.Individuals with disabilities or who are veterans will be given preference in accordance with applicable laws. A Message for Future Colleagues:Work within a supportive environment to develop a robust information security management system.All colleagues at Toss Securities recognize the importance of information security, and the Security Division is committed to fostering this understanding.We are undertaking various challenges to present new cultures and trends while ensuring compliance with mandatory requirements, offering a chance to gain diverse experiences beyond conventional tasks.We are looking for passionate colleagues who are eager to contribute to the security of Toss Securities and achieve explosive career growth.

Mar 10, 2026

Apply

Privacy Manager

Toss Insurance

Full-time|On-site|Seoul

As a Privacy Manager at Toss Insurance, you will play a crucial role in ensuring that our organization complies with data protection regulations and maintains the highest standards of privacy for our customers. You will develop and implement privacy policies, conduct risk assessments, and serve as the primary point of contact for privacy-related inquiries. Join us to make a difference in how we handle personal information and protect our users' data.

Mar 9, 2026

Apply

Privacy Manager

Toss

Full-time|On-site|Seoul

# About the Team You'll Join- The Privacy Manager at Toss is part of the Personal Data Protection (PDP) team.- The PDP team is responsible for establishing and operating the personal information protection management system, ensuring compliance with privacy laws and regulations, and providing safe and reliable services to customers.- Additionally, the team implements measures to ensure the safety of personal data, supports various certifications and permit evaluations in the realm of personal data protection, and engages in awareness-raising activities through training and campaigns.- The PDP team collaborates closely with various teams within Toss and shares insights on specialized fields with privacy professionals across the Toss community.- Team members possess diverse experiences as personal data protection officers and are highly passionate about protecting customers' valuable information.# Responsibilities You Will Undertake- Review the appropriateness of processing personal data throughout the collection, use, provision, and disposal stages within Toss services.- Draft and manage internal regulations and guidelines related to personal data, along with necessary guides and manuals for data handling.- Evaluate risks and compliance levels based on personal data protection laws concerning Toss services and data processing procedures.- Review contracts related to personal data used in Toss services and manage consent forms for data collection, use, and provision.- Conduct information security assessments and manage compliance with ISMS-P, ISO27001, ISO27701, and similar certifications.- Establish and implement a monitoring system for legal violations and misuse risks in personal data processing.# Ideal Candidate Profile- Experience reviewing the appropriateness of personal data lifecycle processes in services that handle personal information is essential.- Strong knowledge of and high understanding of personal data protection laws and related guidelines is required.- Experience in establishing and improving access, retention, use, and disposal policies for personal data from various databases is crucial.- We seek individuals who wish to develop their skills in overseeing the entire personal data lifecycle, extending beyond mere compliance.- Holding certifications related to personal data protection, such as ISMS-P auditor or CPPG, is advantageous.- Experience in creating and managing personal data regulations and guidelines based on laws and company operations, as well as developing practical guides for operational use, is a plus.- Experience in liaising with external organizations, such as the Financial Services Commission, Financial Supervisory Service, Personal Information Protection Commission, and KISA, is also a plus.# Joining the Toss Journey- Application submission > Job interview > Cultural fit interview > Reference check > Compensation negotiation and onboarding date scheduling > Final acceptance.# A Note for Future Colleagues- “At Toss, we handle a variety of services in a rapidly changing environment, gaining extensive experience along the way.”- Through sharing challenges and collaborating, we form deep bonds with colleagues. Privacy protection here offers not just work but a chance to learn and grow together.- By joining the team, you'll gain a wealth of success experiences in protecting personal information across approximately 100 services implemented in the Toss app. If you want to realize your highest potential, we encourage you to apply!

Mar 9, 2026

Apply

Information Security Manager

Toss Care

Full-time|On-site|Seoul

Join our team as an Information Security Manager at Toss Care, where you will play a pivotal role in safeguarding our information assets and ensuring compliance with security policies. You will be responsible for developing and implementing security strategies, managing risk assessments, and leading initiatives to enhance our information security posture.

Apr 8, 2026

Apply

Global Privacy Manager

Toss

Full-time|On-site|Seoul

# Join Our Team- The Global Privacy Manager position falls within the Personal Data Protection (PDP) team at Toss.- The PDP team oversees the entire lifecycle of personal data from collection to destruction, ensuring that all data, both domestically and internationally, is processed legally and securely by establishing guidelines and conducting audits.- Additionally, this role leads the establishment of personal (credit) information protection laws and policies for domestic Toss services and is responsible for the comprehensive management of privacy policies for the Toss app as it expands into global markets such as Australia.- Rather than merely reviewing regulations, the PDP team collaborates closely with various related departments to present practical solutions that ensure safe service launches and operations.- Joining the PDP team means you will be part of a diverse group of colleagues with various backgrounds and expertise, helping to set new standards for data protection and enabling Toss to offer unprecedented financial services.# Responsibilities- Manage and conduct regular reviews of privacy policies for global services currently operating, including in Australia.- Analyze legal regulations in new market countries to establish optimized personal data policies and operational standards.- Review whether the processes for collecting, using, providing, and destroying personal data related to domestic and international services are appropriate.- Identify potential risks within service processes based on domestic and international regulations and assess compliance levels.- Systematically create and manage contracts and consent forms related to personal data for domestic and international services.# Desired Qualifications- Experience analyzing international privacy legal frameworks (e.g., GDPR) and applying them to services.- Proficient English communication skills to work freely with overseas entities and partners.- A desire to grow as a global privacy expert based on deep insights into the personal data lifecycle, beyond just compliance.- Experience translating legal knowledge into practical guidelines and instructions that operational departments can readily utilize is a plus.- Familiarity with establishing and improving access, retention, and destruction policies in diverse database environments is advantageous.# The Path to Joining Toss- Application submission > Job interview > Cultural fit interview > Reference check > Salary negotiation and start date coordination > Final acceptance.# A Message for Future Colleagues- “At Toss, we work with a range of services in a rapidly changing environment, gaining extensive experience along the way.”- Through shared challenges and collaborations, we establish deep bonds with colleagues, where data protection becomes not just a task but a learning and growth opportunity for everyone involved.- By joining our team, you can engage in personal (credit) data protection for approximately 100 services implemented in the Toss app, gaining a variety of successful experiences. If you wish to realize your fullest potential, we encourage you to apply!

Mar 9, 2026

Apply

Staff Privacy Manager

Intuitive Surgical, Inc.

Full-time|On-site|Seoul

Join our dynamic team as a Staff Privacy Manager at Intuitive Surgical, where your expertise will play a vital role in ensuring compliance with privacy regulations and safeguarding sensitive information. You will lead initiatives to enhance privacy practices and collaborate across departments to promote a culture of privacy awareness.

Mar 2, 2026

Create account — see all 626 results

Browse all companies, explore by city & role, or SEO search pages.

Information Security Manager

Experience Level

Qualifications

About the job

About Toss Bank

Similar jobs