Назад
Company hidden
2 дня назад

Chief Information Security Officer (CISO)

Формат работы
hybrid
Тип работы
fulltime
Грейд
c_level
Английский
b2
Страна
Cyprus
Релокация
Cyprus
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Chief Information Security Officer (CISO): Establishing and continuously maturing an information security program for a regulated core banking SaaS platform with an accent on ISO/IEC 27001:2022 governance, DORA-ready compliance, and independent security gatekeeping. Focus on building security processes, controls, reporting, and incident/assurance mechanisms that support regulatory examiners and certification audits.

Location: Cyprus-based hybrid role (open to candidates already in Cyprus or ready to relocate)

Company

CPS IT Solutions is a core banking technology and SaaS provider based in Limassol, Cyprus.

What you will do

  • Establish and maintain the Security Policy and topic-specific policies/procedures, including SDLC, aligned with ISO/IEC 27001:2022.
  • Act as an independent security gatekeeper under ISO 27001 and review/sign off on technical risk profiles for releases and architectural changes.
  • Own DORA-Ready validation, maintain the DORA Data Sheet and subcontractor registers, and support DORA Register of Information and annual ICT risk assessments.
  • Govern the security incident response process, including escalation workflows, notification targets, and SLA thresholds for major-incident reporting windows.
  • Implement security dashboards and reporting for DORA-regulated clients; coordinate with client audit teams on ISMS and BCDR plan reviews.
  • Run independent quarterly audits of administrative access logs and permission changes, and support threat-driven penetration and business continuity testing.

Requirements

  • 5+ years of information security leadership experience, preferably in a CISO capacity, within regulated financial services (fintech, banking, payments, EMI, or regulated SaaS).
  • Deep knowledge of ISO/IEC 27001:2022, DORA, ISMS, risk management, and security controls.
  • Solid AWS cloud security knowledge, including network segregation, VPC design, multi-tenant database isolation, and IAM principles.
  • Professional certifications such as CISSP, CISM, CRISC, or equivalent; AWS security certifications are a strong asset.
  • Strong verbal and written communication skills in English.
  • Cyprus-based hybrid role: candidates must be in Cyprus or be ready to relocate to Cyprus.

Culture & Benefits

  • High-ownership role shaping the security function from an early stage.
  • Close collaboration with senior stakeholders across product, technology, compliance, and business.
  • Hybrid setup based in Cyprus.
  • Hands-on involvement while building security processes, controls, and reporting.
  • Primary technical point of contact for regulatory examiners (CSSF) and external ISO 27001 certification auditors.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →