Director of Security and Compliance safeguarding digital assets and data with a focus on cybersecurity and compliance. Leading risk management, stakeholder engagement, and team leadership initiatives.
About the role
- Chief Information Security Officer responsible for leading information security strategy in a fintech company. Ensuring compliance and overseeing security risk management in a hybrid work environment.
Responsibilities
- Develop and execute the company’s information security strategy, aligning with business objectives and risk tolerance.
- Oversee the design and enforcement of security policies, protocols, and standards.
- Lead security risk assessments, vulnerability management, and incident response planning.
- Ensure compliance with industry regulations such as PCI DSS, PSD2, ISO 27001, GDPR, and other local/international standards.
- Collaborate closely with engineering, product, and legal teams to embed security in product and infrastructure development.
- Establish robust third-party risk management processes for vendors and partners.
- Monitor threat intelligence, identify emerging risks, and proactively adapt security posture.
- Build and mentor a high-performing security team, fostering a culture of security across the company.
- Report regularly to executive leadership and the board on security posture, incidents, and ongoing improvements.
Requirements
- Proven experience (7+ years) in information security leadership, with at least 3+ years in a fintech or payments company.
- Deep understanding of payment systems, digital wallets, card processing, and transaction security.
- Strong knowledge of security frameworks and compliance standards relevant to fintech.
- Experience with cloud security (e.g., AWS, GCP, Azure) and DevSecOps principles: experience in building secure SDLC and enable DevSecOps processes
- Experience in building RBAC in services and company-wide, implementation of SSO\IDP
- Hands-on expertise in managing security incidents, audits, and regulatory inquiries.
- Exceptional communication skills with the ability to influence stakeholders at all levels.
- Relevant certifications (CISSP, CISM, CISA, PCI ISA, etc.) are a strong plus.
- Bachelor’s or Master’s degree in Information Security, Computer Science, or related field.
- Hands-on experience with FortiGate (VPN, WAF, Network perimeter)
- Fluency in English and Russian languages (both spoken and written)
Benefits
- Opportunity to shape the security landscape of an innovative fintech company.
- Collaborative, mission-driven environment with a focus on impact.
- Competitive salary and benefits package.
- Flexible/remote work options.
- Continuous learning and development opportunities.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Information Security Risk & Compliance Analyst supporting the maintenance of ISO 27001 standards. Contributing to risk assessments and compliance across AAB’s Business Protection Team.
Information Security Risk & Compliance Analyst at AAB managing compliance with ISO 27001, supporting enterprise risk assessments and enhancing information security systems.
Information Security Risk & Compliance Analyst at AAB focusing on ISO 27001 compliance and information security management. Collaborating across teams to ensure robust risk and compliance frameworks.
Security Principal at Optiv designing AI security solutions for clients, leveraging advanced security services and technologies. Driving pipeline generation and maintaining strong client relationships as a trusted advisor.
Cloud Security Architect supporting federal customer projects focused on architecture and security solutions. Conducting risk assessments and defining security requirements within a cloud environment.
Information Security Specialist responsible for enhancing cybersecurity posture through incident management and compliance. Collaborating with cross - functional teams to monitor threats and implement security measures.
Senior Lead Info Security Architect leading and collaborating on cybersecurity solutions at TIAA. Responsible for secure design and implementation of cloud security strategies and practices.
Part Time Security Officer providing protection for Collector's personnel and assets at trade shows across North America while reporting to Security Shows & Transportation Manager.
Enterprise Security Architect at PBCN GmbH designing and implementing security architectures. Collaborating with teams to ensure application security and conducting risk assessments.