This website uses cookies to ensure you get the best experience.

Pemo and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, that is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor
Skip to main content
Pemo career site
Pemo HQ, Dubai, United Arab Emirates

Head of Security

Become a part of Pemo’s incredible team!

We’re bold, collaborative, and ego-free. We challenge each other positively, encourage courageous decisions, and always aim high. Excited to be part of something big? We’re hiring a Head of Security.

The Role

Pemo is establishing a dedicated security function to formalize and elevate our cybersecurity posture. As Head of Security, you will be the first owner of this critical function, responsible for maintaining our compliance standards, strengthening our security controls, and building the frameworks necessary for our regulatory roadmap.

This role requires balancing technical security work with governance and compliance. You will work closely with engineering teams to implement security best practices while maintaining the documentation and processes required for PCI-DSS, ISO 27001/SOC 2, and EMI license preparation.

Required Qualifications

  • 5–7 years of experience in information security, preferably in fintech or regulated industries

  • Strong technical foundation with ability to review system architecture and assess security controls

  • Hands-on experience maintaining compliance frameworks (PCI-DSS, ISO 27001, SOC 2)

  • Proven ability to work with engineering teams and translate security requirements into practical implementations

  • Experience with data privacy regulations and data localization requirements

  • Strong documentation and process design skills

  • Ability to manage vendor relationships and coordinate external audits

  • Experience with risk assessment methodologies and security frameworks

Key Responsibilities

Compliance & Governance

  • Maintain PCI-DSS Level 1 compliance and manage quarterly/annual audit cycles

  • Lead implementation of ISO 27001 or SOC 2 Type II certification

  • Manage and maintain the existing GRC system

  • Conduct regular risk assessments and maintain risk register

  • Develop and enforce information security policies and standards

  • Ensure compliance with PDPL and other applicable data protection regulations

Technical Security & Engineering Collaboration

  • Review system architecture and cloud infrastructure security

  • Provide security guidance during software development lifecycle

  • Assess and recommend security tooling (SAST, DAST, vulnerability management, CSPM)

  • Conduct threat modeling and security architecture reviews

  • Define security requirements for DevOps and software engineering teams

  • Oversee vulnerability management and remediation processes

  • Participate in incident response and conduct security investigations

Policy Implementation & Documentation

  • Develop Standard Operating Procedures (SOPs) for security operations

  • Create and maintain security documentation for audit and regulatory requirements

  • Build security awareness and training programs for engineering teams

  • Establish processes for security reviews and change management

  • Document security controls, data flows, and system access policies

  • Maintain security baselines and configuration standards

Data Protection & Privacy

  • Implement and maintain data classification framework

  • Ensure data residency and localization requirements are met across UAE/KSA operations

  • Design and enforce access control policies

  • Oversee data subject rights management and privacy incident response

  • Partner with engineering on privacy-by-design implementation

  • Conduct data protection impact assessments (DPIAs) as required

Vendor & Stakeholder Management

  • Manage relationships with external auditors, penetration testing firms, and security service providers

  • Coordinate security audits and ensure timely remediation of findings

  • Report on security posture, key risks, and metrics to CTO and executive leadership

  • Respond to customer security questionnaires and due diligence requests

  • Collaborate with Legal and Compliance teams on regulatory matters

Reporting Structure

This position reports directly to the CTO and will be the sole owner of the security function initially. The role involves close collaboration with Engineering, DevOps, Product, Legal, and Compliance teams.

Why Pemo?

Work your way with flexible hours and freedom to take time off when you need it. Join a global team of fintech experts, backed by $18M+ from top investors and named in Forbes ME Top 50. At Pemo, you’ll innovate, grow, and help shape the future of spend management in MENA.

A little more about our company

Pemo is a fintech company providing corporate expense management and card services in the UAE and KSA markets. We operate under full regulatory supervision and maintain:

  • PCI-DSS Level 1 certification

  • SAMA and CBUAE regulatory compliance

  • Cloud-agnostic microservices architecture on GCP Dammam region

  • PDPL compliance for data protection

We are backed by leading fintech investors including Cherry Ventures, Fintech Collective, and Speedinvest. At Pemo, we believe that all business owners deserve to be successful. Business owners deserve to spend their time and money doing what they do best - running their businesses. They deserve to stay in control of their finances, at any point in time, effortlessly! That's why we have built the all-in-one spend management platform that empowers MENA business owners and their teams.

With Pemo, company spending becomes easy, fast and transparent. Teams can spend smarter and autonomously. Business owners can run more efficient workplaces and keep control of their finances. Pemo gives superpowers to businesses so they can be bold and fast.

Locations
Pemo HQ, Dubai, United Arab Emirates
Pemo HQ, Dubai, United Arab Emirates

Head of Security

Loading application form

Applicant tracking system by Teamtailor