
Masabi · London - Remote
About Us_ // At Masabi, we’re driving the fare payment revolution, powering the journeys of millions all over the world. We build fare collection platforms that...
About Us_
// At Masabi, we’re driving the fare payment revolution, powering the journeys of millions all over the world. We build fare
collection platforms that allow riders to seamlessly buy and present tickets for public transport either on their mobile phones,
from a ticket machine, or even by tapping their bank card to travel.
Our Justride platform is used in over 250 locations globally, including some of the largest cities in the world. With our
industry-first mobile ticketing SDK, we’ve partnered with large players in the transport space, including Uber, Moovit and
Transit.
Your own journey is important to us too. Choosing a role here means joining a network of innovators from all walks of life; a
group of passionate individuals who consistently deliver. Here, you’ll find the tools you need to build the career you want.
Whether you’re taking the direct route or trying a new path, we’ll support you no matter what.
// At Masabi, we’re building technology that makes public transport simpler, fairer and more accessible for millions of people.
That only works if our platform is secure, trusted and reliable.
As our Head of Security & Compliance, you’ll step into a role that is central to how we build trust with our customers and scale
as a global SaaS business.
You’ll own security and compliance end to end, shaping how we approach it as a company and how it works in practice day to day.
You’ll lead a small team, bringing clarity, focus and direction as you build on solid foundations and evolve this area alongside
the business.
In the near term, you’ll focus on understanding where we are today, strengthening our approach to key areas like audits and
compliance, and helping teams move forward with confidence. You’ll work closely with Engineering, Product and Legal to turn
requirements into practical, well-executed outcomes.
This is a senior role where you’ll stay close to the work, especially in the early stages. Over time, you’ll shape a more
structured and scalable function, helping Masabi stay ahead of evolving standards and make thoughtful decisions around risk.
// This role is available on a remote basis for candidates located anywhere in the UK. Candidates based in London may also work in
a hybrid model, with occasional travel to the office
effectively
additional standards such as ISO 27017 and ISO 27018
requests
is needed
regulatory demand
Careers at Masabi are for people going places - driven by a mission to make transit fair and accessible for all.
// We are a network of innovators from all walks of life, passionate about making a difference. At Masabi, we operate with
openness and trust, creating an environment where everyone feels empowered to bring their whole, authentic selves to work.
Whoever you are, just be yourself.
// We welcome applications from underrepresented groups, including disabled and neurodivergent people, and can make adjustments at
any stage of the process. You’re also welcome to share your pronouns whenever you feel comfortable. Together, we simplify
journeys, remove barriers, and improve daily life for millions.
Why Join Masabi?
route or exploring new paths, we support your journey.
load.
We’re already powering journeys - are you ready to join us?
About Us_ // At Masabi, we’re driving the fare payment revolution, powering the journeys of millions all over the world. We build fare collection platforms that allow riders to seamlessly buy and present tickets for public transport either on their mobile phones, from a ticket machine, or even by tapping their bank card to travel. Our Justride platform is used in over 250 locations globally, including some of the largest cities in the world. With our industry-first mobile ticketing SDK, we’ve partnered with large players in the transport space, including Uber, Moovit and Transit. Your own journey is important to us too. Choosing a role here means joining a network of innovators from all walks of life; a group of passionate individuals who consistently deliver. Here, you’ll find the tools you need to build the career you want. Whether you’re taking the direct route or trying a new path, we’ll support you no matter what. THE ROLE_ // At Masabi, we’re building technology that makes public transport simpler, fairer and more accessible for millions of people. That only works if our platform is secure, trusted and reliable. As our Head of Security & Compliance, you’ll step into a role that is central to how we build trust with our customers and scale as a global SaaS business. You’ll own security and compliance end to end, shaping how we approach it as a company and how it works in practice day to day. You’ll lead a small team, bringing clarity, focus and direction as you build on solid foundations and evolve this area alongside the business. In the near term, you’ll focus on understanding where we are today, strengthening our approach to key areas like audits and compliance, and helping teams move forward with confidence. You’ll work closely with Engineering, Product and Legal to turn requirements into practical, well-executed outcomes. This is a senior role where you’ll stay close to the work, especially in the early stages. Over time, you’ll shape a more structured and scalable function, helping Masabi stay ahead of evolving standards and make thoughtful decisions around risk. Location_ // This role is available in a fully remote model for candidates based in Canada within Central or Eastern time zones. Responsibilities_ * Take ownership of security and compliance across Masabi, creating clarity on priorities and ways of working * Build a clear view of our current security posture and define a practical path to strengthen it over time * Define security and compliance requirements and work closely with Engineering and IT teams to ensure they are implemented effectively * Maintain existing compliance across PCI DSS, ISO27001, SOC2 and Cyber Essentials, and lead new compliance initiatives across additional standards such as ISO 27017 and ISO 27018 * Manage audits end to end, from preparation through to delivery and follow-up actions * Work closely with Engineering and Product teams to embed security practices in a way that supports delivery * Maintain a clear and actionable view of risk, helping the business prioritise what matters most * Build a more scalable approach to customer assurance, including clearer processes and reusable materials for customer and audit requests * Help guide decisions on which compliance standards we take on as we grow * Lead and support a small team, creating focus, trust and shared direction ABOUT YOU_ * You’ve worked in security and compliance within a payments, fintech or PCI-regulated environment * You have strong, hands-on experience with PCI DSS, ISO27001 and SOC2, including preparing for and delivering audits * You’ve personally owned and delivered compliance programmes, not just overseen them * You understand how security and compliance connect, and how to make them work in practice across a business * You’ve operated in a growing or scaling company, where you’ve had to bring structure and prioritise effectively * You’re comfortable driving work across teams without direct authority, and following through to completion * You bring sound judgement when balancing risk, delivery and commercial needs * You’ve supported or led a small team and know how to create clarity and accountability * You communicate clearly with both technical and non-technical audiences, helping people understand what matters and what action is needed NICE TO HAVE_ * Experience working with additional ISO standards such as ISO 27017 and ISO 27018 * Experience scaling security and compliance in a growing SaaS company, especially through periods of increased customer or regulatory demand * Relevant certifications such as CISSP, CISM, CISA or ISO27001 Lead Auditor or similar * Awareness of AI-related security and governance considerations, and how they may apply in a SaaS environment SOME OF OUR BENEFITS_ * 20 days of vacation per year (in addition to public holidays). On top of this, our office is shut every year between Christmas and New Year, totaling a whopping 28+ days of vacation * Private Healthcare and Life Insurance * Menopause support * Choice of a workstation * Training allowance of up to CAD$1300 per year * CAD$325 per year to spend on your home office * $50 CAD per month for team building activities * Ability to work for up to 3 months per year from any country in the world * Enhanced family leave Careers at Masabi are for people going places - driven by a mission to make transit fair and accessible for all. // We are a network of innovators from all walks of life, passionate about making a difference. At Masabi, we operate with openness and trust, creating an environment where everyone feels empowered to bring their whole, authentic selves to work. Whoever you are, just be yourself. // We welcome applications from underrepresented groups, including disabled and neurodivergent people, and can make adjustments at any stage of the process. You’re also welcome to share your pronouns whenever you feel comfortable. Together, we simplify journeys, remove barriers, and improve daily life for millions. Why Join Masabi? * Driven by Purpose – We believe in journeys made simple. The work isn’t always easy, but the best things never are. * Encouraged to Accelerate – Masabi is going places and our people are in the driving seat. Whether you’re taking the direct route or exploring new paths, we support your journey. * Advancing with Empathy – We put people first and foster a culture of learning, not blame. No matter your cargo, we share the load. We’re already powering journeys - are you ready to join us?
About Us_ // At Masabi, we’re driving the fare payment revolution, powering the journeys of millions all over the world. We build fare collection platforms that allow riders to seamlessly buy and present tickets for public transport either on their mobile phones, from a ticket machine, or even by tapping their bank card to travel. Our Justride platform is used in over 250 locations globally, including some of the largest cities in the world. With our industry-first mobile ticketing SDK, we’ve partnered with large players in the transport space, including Uber, Moovit and Transit. Your own journey is important to us too. Choosing a role here means joining a network of innovators from all walks of life; a group of passionate individuals who consistently deliver. Here, you’ll find the tools you need to build the career you want. Whether you’re taking the direct route or trying a new path, we’ll support you no matter what. THE ROLE_ // At Masabi, we’re building technology that makes public transport simpler, fairer and more accessible for millions of people. That only works if our platform is secure, trusted and reliable. As our Head of Security & Compliance, you’ll step into a role that is central to how we build trust with our customers and scale as a global SaaS business. You’ll own security and compliance end to end, shaping how we approach it as a company and how it works in practice day to day. You’ll lead a small team, bringing clarity, focus and direction as you build on solid foundations and evolve this area alongside the business. In the near term, you’ll focus on understanding where we are today, strengthening our approach to key areas like audits and compliance, and helping teams move forward with confidence. You’ll work closely with Engineering, Product and Legal to turn requirements into practical, well-executed outcomes. This is a senior role where you’ll stay close to the work, especially in the early stages. Over time, you’ll shape a more structured and scalable function, helping Masabi stay ahead of evolving standards and make thoughtful decisions around risk. LOCATION_ // This role is available in a fully remote model for candidates based in Romania RESPONSIBILITIES_ * Take ownership of security and compliance across Masabi, creating clarity on priorities and ways of working * Build a clear view of our current security posture and define a practical path to strengthen it over time * Define security and compliance requirements and work closely with Engineering and IT teams to ensure they are implemented effectively * Maintain existing compliance across PCI DSS, ISO27001, SOC2 and Cyber Essentials, and lead new compliance initiatives across additional standards such as ISO 27017 and ISO 27018 * Manage audits end to end, from preparation through to delivery and follow-up actions * Work closely with Engineering and Product teams to embed security practices in a way that supports delivery * Maintain a clear and actionable view of risk, helping the business prioritise what matters most * Build a more scalable approach to customer assurance, including clearer processes and reusable materials for customer and audit requests * Help guide decisions on which compliance standards we take on as we grow * Lead and support a small team, creating focus, trust and shared direction ABOUT YOU_ * You’ve worked in security and compliance within a payments, fintech or PCI-regulated environment * You have strong, hands-on experience with PCI DSS, ISO27001 and SOC2, including preparing for and delivering audits * You’ve personally owned and delivered compliance programmes, not just overseen them * You understand how security and compliance connect, and how to make them work in practice across a business * You’ve operated in a growing or scaling company, where you’ve had to bring structure and prioritise effectively * You’re comfortable driving work across teams without direct authority, and following through to completion * You bring sound judgement when balancing risk, delivery and commercial needs * You’ve supported or led a small team and know how to create clarity and accountability * You communicate clearly with both technical and non-technical audiences, helping people understand what matters and what action is needed NICE TO HAVE_ * Experience working with additional ISO standards such as ISO 27017 and ISO 27018 * Experience scaling security and compliance in a growing SaaS company, especially through periods of increased customer or regulatory demand * Relevant certifications such as CISSP, CISM, CISA or ISO27001 Lead Auditor or similar * Awareness of AI-related security and governance considerations, and how they may apply in a SaaS environment SOME OF OUR BENEFITS_ * 25 days holiday per year plus the Christmas Shutdown (another 3-4 days) * Premium medical care via Regina Maria * Mental health support * Menopause support * Regular social gatherings with a monthly allowance for each employee * Up to €1000 training budget per year * €200 to spend on your home office * Choice of workstation * Ability to work for up to 3 months per year from any country in the world Careers at Masabi are for people going places - driven by a mission to make transit fair and accessible for all. // We are a network of innovators from all walks of life, passionate about making a difference. At Masabi, we operate with openness and trust, creating an environment where everyone feels empowered to bring their whole, authentic selves to work. Whoever you are, just be yourself. // We welcome applications from underrepresented groups, including disabled and neurodivergent people, and can make adjustments at any stage of the process. You’re also welcome to share your pronouns whenever you feel comfortable. Together, we simplify journeys, remove barriers, and improve daily life for millions. Why Join Masabi? * Driven by Purpose – We believe in journeys made simple. The work isn’t always easy, but the best things never are. * Encouraged to Accelerate – Masabi is going places and our people are in the driving seat. Whether you’re taking the direct route or exploring new paths, we support your journey. * Advancing with Empathy – We put people first and foster a culture of learning, not blame. No matter your cargo, we share the load. We’re already powering journeys - are you ready to join us?
ABOUT US Humaans is building the next generation of infrastructure for the workplace; software designed for companies that are scaling fast, operating globally, and pushing into new boundaries. What started as a system of record has evolved into a broader platform for operating people globally. With Athena, our agentic AI layer, Humaans moves beyond data management into intelligent orchestration, connecting workflows across HR, IT, Finance, and Operations so organisations can act faster and with greater confidence, redefining how work gets done. We work with ambitious teams across Europe and the US, from AI-native companies like Lovable, Poolside, Fyxer AI, and Tandem Health, to established, high-growth organisations scaling internationally and through acquisition, including Quantexa, Sellpy, Manychat, Gigs, Croud, and Threecolts. These teams don’t buy software for features,they buy leverage. The ability to run faster, cleaner, and with more control as complexity compounds. To date, we’ve raised $20m in venture funding from some of the most respected founders, operators, and funds in technology: Lachy Groom (Physical Intelligence), Stewart Butterfield (Slack), Tobias Lütke (Shopify), Dylan Field (Figma), Jeff Weiner (LinkedIn), Claire Johnson (Stripe), Oliver Jay (OpenAI), Jay Simmons (Bond) as well as Y Combinator, Moonfire, Frontline Ventures, Pathlight Ventures, and Exor. If you have massive ambition and want to work on a hard problem, with a small team that moves fast, at a moment when the category is genuinely up for grabs - this is it. GRC AT HUMAANS We're looking for a Security GRC Manager to own the systems, processes, audits, and customer-facing trust work that help Humaans scale into more demanding markets. This is a hands-on ownership role, built around AI. You'll run our security compliance programme throughout the year, not just during audit season. AI is how the work gets done here. It drafts policies, speeds up questionnaire responses, and keeps evidence current. You already use these tools daily and know how to get real leverage from them. You'll own the operating rhythm for frameworks like ISO 27001, SOC 1, SOC 2, HIPAA and future standards that matter to our customers. You'll keep evidence organised, controls running, policies up to date, vendors reviewed, risks visible, and audits moving smoothly. Own the commercial trust layer. Security questionnaires, enterprise diligence, vendor reviews; fast, accurate, reusable. You'll be in the room with enterprise buyers; on calls, in reviews and procurement threads, ensuring security won't be the reason a deal slows down. This role sits at the intersection of Security, Legal, Product, Engineering, Revenue, and Operations. You don't need to be the person configuring every system yourself, but you do need to understand how modern SaaS companies operate, ask sharp questions, drive action across teams, and keep the bar high. Humaans has a trust function that helps us win. In this role, you'll ensure evidence is stronger, controls are cleaner, questionnaire turnaround is faster, ownership is clear. Security compliance is a commercial asset and enabler to growth. FOCUS / OWNERSHIP * Own Humaans' security compliance programme end-to-end, including ISO, SOC 1, SOC 2, HIPAA and future frameworks we choose to pursue. * Run audit cycles throughout the year, coordinating with external auditors, internal control owners, Engineering, People, Legal, Finance and Operations. * Maintain the controls, evidence, policies, risk register, access reviews, vendor reviews, business continuity processes, and incident response documentation that support our certifications and customer commitments. AI drafts and updates these artefacts and keeps evidence current year-round, not only at audit time. * Lead customer-facing trust work, including sales calls, security reviews, procurement processes, vendor questionnaires, RFPs, DPAs, subprocessors, data protection questions, and enterprise diligence. * Build AI-assisted systems for answering repeated security questions quickly and accurately. The answer bank drafts responses. Trust collateral stays current. A review process holds quality as volume scales. * Partner with Product and Engineering to translate compliance requirements into practical operational controls without slowing the company down unnecessarily. * Help the company make clear, risk-based decisions, escalating when something matters and cutting through noise when it doesn't. * Raise the maturity of how Humaans thinks about security, privacy, risk, and customer trust as we move upmarket. REQUIREMENTS * 4+ years of experience in security compliance, GRC, trust, audit, information security, privacy operations, or a closely related role. * Hands-on experience running or supporting audits across SOC 2, ISO 27001, SOC 1, HIPAA, GDPR, or similar frameworks. * AI is already part of how you work. You can point to what you built and what it changed; drafting policies, accelerating questionnaire responses, reviewing vendor documentation. * Direct experience supporting enterprise sales, procurement, RFPs, or security reviews. You can lead sales calls, answer security questions clearly, and give buyers confidence. * Strong written communicator. Crisp policies, questionnaire responses, audit narratives, internal guidance that people actually read. * Deep understanding of how modern B2B SaaS companies operate; cloud infrastructure, access management, vendor management, product development, customer data and enterprise sales. * Organised and detail-oriented. Evidence, control owners, audit timelines and customer commitments. * You know the difference between meaningful risk reduction and compliance theatre. * Able to work across teams and hold a high bar without becoming a blocker. * Energised by a high-growth, high-ownership environment where the playbook is still being written. * Built or owned a trust centre, customer-facing security portal, or security questionnaire answer library. This is an in-person role. Our team comes together in the office Monday through Thursday, while most of the team collaborates in person on Mondays, Tuesdays, and Thursdays. PACKAGE & BENEFITS Early stage startups can be messy – we know that. We're putting effort in providing you with the best employee experience and a quality driven environment in exchange for trusting us. * Market-leading compensation that reflects your value * 25 days paid time off each year plus public holidays * Share Options with 5-year exercise window so you don’t feel pressure to exercise if you leave * Free Thursday lunches at HQ, quarterly team events, and company offsites. * Top tier private coverage for health, vision and dental care * A new MacBook and tools you need to do your best work * Enhanced parental leave with up to 16 weeks for primary and 4 weeks for secondary * Learning & development budget WHY JOIN HUMAANS TODAY? HR tech is having its AI moment and we’re positioned to own it. Humaans started as a next-gen HRIS taking on large incumbents in a massive market. We’ve since evolved into something even bigger: an AI platform that sits across workforce data and automates the operational layer of HR entirely; the natural progression of what we’ve been building toward. The product is highly differentiated. It’s built around a structured workforce data model that makes AI reliable in an HR context, something no one else has gotten right. Customers notice the difference immediately. We’re backed by Y Combinator, Lachy Groom, Moonfire, Frontline Ventures, and operators who’ve built some of the most consequential software companies of the last decade: the founders of Slack, Figma, and Shopify, and Asana’s former CRO and Head of OpenAI International. We’re a small team with an unapologetically high bar. It shows up in the product, in how we communicate, and in the standards we hold each other to. OUR COMMITMENT TO DIVERSITY At Humaans we’re looking for genuinely good people that are transparent and emphatic. We’re committed to providing equal opportunities, a diverse and inclusive work environment, and ensuring a fair interview process for everyone. You’re welcome to apply no matter your gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race. PRIVACY NOTICE We care about your privacy. When you apply for a role at Humaans, we’ll collect and process your personal data as part of our recruitment process. This includes things like your CV, contact details, and any other information you choose to share. We may also contact you about future opportunities. You can ask us to delete your data at any time. For more details, see our Privacy Policy.