My client is a fast-growing and highly ambitious fin-tech company in the consumer finance space. They are looking for an Information Security Manager to be based at their Estonian office in beautiful Tallinn.
This is an extremely exciting time for the organisation, which is building new platforms and hiring at the quickest rate in its history, all whilst attracting record numbers of customers drawn by its innovative approach to the sector.
The Information Security Manager reports to the CTO and is responsible for the support and management of information security across the organisation, with special emphasis on Cyber Security and experience in ISO27001 & PCI DSS.
The ideal candidate will be technically astute, having previously worked in the information security/information risk management field, with experience working with regulatory frameworks. You'll need to be solutions-focussed with an eye for detail.
- supporting the development, implementation and management of security policies and procedures to ensure they remain aligned with business objectives and meet regulatory requirements
- monitoring regulations and trends that affect financial institutions as well as establishing effective restrictions to cybercrime
- developing and maintaining information security risk assessments designed to evaluate inherent risks, controls, and to quantify residual risks, as appropriate
- planning and supporting vulnerability management programs, including the scheduling of assessments, production of reports and interpretation of results
- ensuring adequate security defenses, systems and settings are in place to protect against intrusion, theft, destruction or misuse of confidential information
- ensuring members, assets, records and confidential/proprietary information are protected (including intellectual property)
- serving as a Subject Matter Expert to develop, administer and deliver information security training programs to staff, and directing awareness initiatives
- evaluating compliance and developing plans for compliance with regards to information security
The ideal candidate should have:
- previous experience in the information security/information risk management field, preferably in a financial organisation
- demonstrated experience working with regulatory frameworks, requirements and standards (e.g. ISO2700x, PCI DSS, COBIT, etc.)
- achieved or actively working towards certification, such as CISM, CISSP, CISA
- the ability to design, utilize and manage a wide range of defensive security technologies
- a strong capability in assessing and ranking risk as well as managing residual risk, and in managing a system of internal controls, including culture, governance, policies, preventive and detective controls and scenario planning
- good technical knowledge relating to IT and information security architecture, communications, operations, applications, etc.
- a good technical understanding of software development and programming principles
- excellent spoken and written English skills
- a Bachelor's degree in Cyber Security, Engineering, Computer Science, or related field of study
If you are interested in building your career within a dynamic, multicultural team with strong international investors, then this is the right place for you.