CISO (Chief Information Security Officer) About us: Paysera is the first fintech company in Lithuania and an EU licensed e–money institution. We provide fast, convenient, and affordable financial services globally. Our services range from a payment gateway for e–shops, a finance management app, and money transfers worldwide.
With over 1 million app installs and growing, we aim to become an industry–leading super app that provides financial and lifestyle services across the globe. At Paysera, we are a start–up minded team, which means we thrive in a fast–paced environment and seek open communication while placing great focus on establishing our core company values. Join our vibrant international team of 500 people across 15 different cities worldwide.
The CISO (Chief Information Security Officer) is a senior–level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats.
Your key responsibilities: - Responding to data breaches and other security incidents;
- Anticipating, assessing, and actively managing new and emerging threats;
- Developing, implementing, and maintaining security processes within departments, especially IS/IT (e.g., automated or manual security checks for delivered production code for products and services);
- Working with other executives across different departments to align security initiatives with broader business objectives and mitigate the risks various security threats pose to the organization's mission and goals;
- Establishing and revising the information security strategy, policy, and standards for change management and control with input from interest groups and subsidiaries;
- Facilitating and coordinating the necessary countermeasures to change management and control initiatives and evaluating such policies and standards;
- Establishing the security requirements for change management and control directives and approving the change management and control standards and change control/version control products;
- Coordinating the overall communication and awareness strategy for change management;
- Establishing and coordinating appropriate interest group forums to represent, feedback, implement, and monitor change management and control initiatives;
- Coordinating the implementation of new or additional security controls for change management;
- Acknowledging the change impact assessments;
- Working as an internal and external security expert;
- Becoming a trusted business advisor;
- Becoming a teacher, mentor, and colleague in other departments related to the position responsibilities;
- Establishing a security focus team as required;
- Maintaining a secure environment like PCI–DSS;
- Implementing position–related projects like SIEM by directly coordinating assigned team and/or specialists through project management and delivery processes;
- Conducting and/or coordinating security audits internally and externally;
- Performing routine daily tasks using ChatGPT or a similar tool to enhance efficiency and productivity.
What we're looking for: - Analysis of standards, legal acts, and other documents establishing cyber and data security standards adopted by the Republic of Lithuania, the EU, and other international organizations;
- Ensuring compliance with established cyber and data security requirements;
- Identification, analysis, and assessment of risks arising from data processing and information security;
- Identifying, assessing, and proposing improvements to missing cyber and data security capabilities;
- Gathering information on cyber and data security;
- Analysis of cyber and data security threats;
- Participation in the development of cyber and data security capabilities;
- Preparation of company policies on information security issues;
- Cooperation with the supervisory authority in the field of personal data protection;
- Submission of quarterly reports to the Head of the Institution;
- Execution of other work assigned by the immediate supervisor;
- Implementing direct duties in accordance with the requirements of applicable legal acts, the procedures of the Institution, and other internal acts regulating the performance of the employee's functions and duties;
- Working as part of the Information Systems Department on security–related projects as a Project Manager;
- Implementing security–related processes within other departments;
- Hiring security personnel as required;
- Creating periodic reports on the company's security situation;
- Assisting the company as a main contact for external audits like PCI–DSS certification.
For candidates: Only selected candidates will be contacted, but we are grateful to all who send their CV.
Location: Lithuania, Bulgaria, Ukraine, Poland, Georgia
Depends on candidate's experience and competence.
#J-18808-Ljbffr