Chief Information Security Officer (CISO)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Chief Information Security Officer (CISO): Establishing and continuously maturing an information security program for a regulated core banking SaaS platform with an accent on ISO/IEC 27001:2022 governance, DORA-ready compliance, and independent security gatekeeping. Focus on building security processes, controls, reporting, and incident/assurance mechanisms that support regulatory examiners and certification audits.
Location: Cyprus-based hybrid role (open to candidates already in Cyprus or ready to relocate)
Company
CPS IT Solutions is a core banking technology and SaaS provider based in Limassol, Cyprus.
What you will do
- Establish and maintain the Security Policy and topic-specific policies/procedures, including SDLC, aligned with ISO/IEC 27001:2022.
- Act as an independent security gatekeeper under ISO 27001 and review/sign off on technical risk profiles for releases and architectural changes.
- Own DORA-Ready validation, maintain the DORA Data Sheet and subcontractor registers, and support DORA Register of Information and annual ICT risk assessments.
- Govern the security incident response process, including escalation workflows, notification targets, and SLA thresholds for major-incident reporting windows.
- Implement security dashboards and reporting for DORA-regulated clients; coordinate with client audit teams on ISMS and BCDR plan reviews.
- Run independent quarterly audits of administrative access logs and permission changes, and support threat-driven penetration and business continuity testing.
Requirements
- 5+ years of information security leadership experience, preferably in a CISO capacity, within regulated financial services (fintech, banking, payments, EMI, or regulated SaaS).
- Deep knowledge of ISO/IEC 27001:2022, DORA, ISMS, risk management, and security controls.
- Solid AWS cloud security knowledge, including network segregation, VPC design, multi-tenant database isolation, and IAM principles.
- Professional certifications such as CISSP, CISM, CRISC, or equivalent; AWS security certifications are a strong asset.
- Strong verbal and written communication skills in English.
- Cyprus-based hybrid role: candidates must be in Cyprus or be ready to relocate to Cyprus.
Culture & Benefits
- High-ownership role shaping the security function from an early stage.
- Close collaboration with senior stakeholders across product, technology, compliance, and business.
- Hybrid setup based in Cyprus.
- Hands-on involvement while building security processes, controls, and reporting.
- Primary technical point of contact for regulatory examiners (CSSF) and external ISO 27001 certification auditors.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →