Назад
Company hidden
16 часов Π½Π°Π·Π°Π΄

Information Security Risk Manager (Fintech)

Π€ΠΎΡ€ΠΌΠ°Ρ‚ Ρ€Π°Π±ΠΎΡ‚Ρ‹
hybrid
Π’ΠΈΠΏ Ρ€Π°Π±ΠΎΡ‚Ρ‹
fulltime
Π“Ρ€Π΅ΠΉΠ΄
senior
Английский
c1
Π‘Ρ‚Ρ€Π°Π½Π°
Spain
Вакансия ΠΈΠ· списка Hirify.GlobalВакансия ΠΈΠ· Hirify Global, списка ΠΌΠ΅ΠΆΠ΄ΡƒΠ½Π°Ρ€ΠΎΠ΄Π½Ρ‹Ρ… tech-ΠΊΠΎΠΌΠΏΠ°Π½ΠΈΠΉ
Для мэтча ΠΈ ΠΎΡ‚ΠΊΠ»ΠΈΠΊΠ° Π½ΡƒΠΆΠ΅Π½ Plus

ΠœΡΡ‚Ρ‡ & Π‘ΠΎΠΏΡ€ΠΎΠ²ΠΎΠ΄

Для мэтча с этой вакансиСй Π½ΡƒΠΆΠ΅Π½ Plus

ОписаниС вакансии

ВСкст:
/

TL;DR

Information Security Risk Manager (Fintech/Cybersecurity): Primary operational owner of the ICT Risk Management Framework within the second line of defence with an accent on DORA, ISO 27001, and PCI DSS requirements. Focus on executing the RCSA cycle, managing the Eramba GRC platform, and coordinating security monitoring oversight.

Location: Hybrid in Estepona/Malaga, Spain

Company

hirify.global is a leading payment service provider offering omnichannel and advanced payment solutions to businesses across Europe.

What you will do

  • Maintain and develop the ICT risk register and execute the RCSA cycle for ICT risk domains.
  • Own the ISMS policy suite in line with ISO 27001 and DORA, coordinating security monitoring oversight.
  • Support DORA obligations, including ICT incident classification and major incident reporting.
  • Lead PCI DSS v4.0 governance as the primary owner of compliance oversight and contact for QSA.
  • Manage the Eramba GRC platform, including data structure, user access, and module configuration.
  • Provide second line of defence oversight of ICT third-party risk and liaison for annual IT audits.

Requirements

  • 5-8 years of experience in ICT risk management or information security within a DNB-supervised financial institution.
  • Demonstrable experience with DORA, ISO/IEC 27001, and PCI DSS v4.0.
  • Hands-on experience with GRC platforms such as Eramba, including RCSA execution and KRI reporting.
  • Bachelor's or Master's degree in Information Security, Computer Science, Risk Management, or equivalent.
  • English: C1 level (strong written and verbal communication skills required).

Nice to have

  • Certifications such as ISO 27001 Lead Implementer, CISM, or CRISC.
  • PCI DSS certification or practical experience.
  • Proficiency in Dutch.

Culture & Benefits

  • Competitive salary and benefits package.
  • Free Spanish classes and optional afterwork sports activities.
  • Opportunities for professional growth.
  • Collaborative environment within a diverse international team.

Π‘ΡƒΠ΄ΡŒΡ‚Π΅ остороТны: Ссли Ρ€Π°Π±ΠΎΡ‚ΠΎΠ΄Π°Ρ‚Π΅Π»ΡŒ просит Π²ΠΎΠΉΡ‚ΠΈ Π² ΠΈΡ… систСму, ΠΈΡΠΏΠΎΠ»ΡŒΠ·ΡƒΡ iCloud/Google, ΠΏΡ€ΠΈΡΠ»Π°Ρ‚ΡŒ ΠΊΠΎΠ΄/ΠΏΠ°Ρ€ΠΎΠ»ΡŒ, Π·Π°ΠΏΡƒΡΡ‚ΠΈΡ‚ΡŒ ΠΊΠΎΠ΄/ПО, Π½Π΅ Π΄Π΅Π»Π°ΠΉΡ‚Π΅ этого - это мошСнники. ΠžΠ±ΡΠ·Π°Ρ‚Π΅Π»ΡŒΠ½ΠΎ ΠΆΠΌΠΈΡ‚Π΅ "ΠŸΠΎΠΆΠ°Π»ΠΎΠ²Π°Ρ‚ΡŒΡΡ" ΠΈΠ»ΠΈ ΠΏΠΈΡˆΠΈΡ‚Π΅ Π² ΠΏΠΎΠ΄Π΄Π΅Ρ€ΠΆΠΊΡƒ. ΠŸΠΎΠ΄Ρ€ΠΎΠ±Π½Π΅Π΅ Π² Π³Π°ΠΉΠ΄Π΅ β†’