Career Opportunities at Earlybird Portfolio Companies

Are you seeking a new challenge at a growing startup where you can truly make a difference, take ownership, help build a function and change the world of tomorrow for the better? Below you'll find open jobs from the entire #EBVCGang. We are also hiring at Earlybird! If you want to work with us, please send us your application.

Head of Security

FintechOS

FintechOS

IT
Bucharest, Romania
Posted on Wednesday, September 27, 2023

Who we are in a nutshell

👋🏻 Hi, we are FintechOS! We are the global leader in fintech enablement, with a mission to make fintech innovation available to every company. The FintechOS platform simplifies and accelerates the launching, servicing, and expansion of financial products and services, helping businesses recognize value up to ten times sooner than with other approaches: with FintechOS, banks, insurance providers, and other companies can get up and running with new financial solutions in as little as 12 weeks.

About the role

We are currently looking for an experienced HEAD OF SECURITY, working in the Customer Technology Operation division who will support all the organization areas to provide oversight, guidance, and technical advice on security aspects based on best practices, policies and technologies.

What you'll be doing

  • Maintain information security risk management implemented framework by identifying, analyzing and controlling risks specific to confidentiality, integrity and availability.
  • Coordinate company initiatives as a support point for the business from the security perspective and participate in the projects across SDLC.
  • Play a critical role in safeguarding our organization against security threats and risks.
  • Propose and coordinate security initiatives to address, prevent or reduce identified security risks.
  • Contributes to the establishment of the security strategy in the scope of information assets protection and business support.
  • Implement strategies and solutions to minimize the impact of business disruptions and ensure rapid recovery.
  • Maintains and ensures alignment and conformity with requirements from well-known certifications in the field of security - ISO 27001, CSA STAR, SOC 2 type 2 including both, the internal infrastructure and the managed services offered to the clients.
  • Ensure compliance with relevant data protection regulations (e.g., GDPR).
  • Establish and maintain data privacy practices and controls.
  • Manage security audits and assessments, addressing findings and recommendations.
  • Developing, implementing, and overseeing all aspects of our security strategy and initiatives. You will collaborate closely with cross-functional teams to ensure the confidentiality, integrity, and availability of our systems and data.
  • Proposes solutions and risk treatment strategies (mitigation, transfer, acceptance, rejection)
  • Proposes measures and countermeasures to reduce the risk to an acceptable level
  • Participates in the risk management process from the security perspective;
  • Analyzes business processes and requirements according to Business Impact Analysis
  • Prioritize the implementation of security measures
  • Coordination of the SOC team in analyzing, investigating and reporting security incidents
  • Approves from the point of view of compliance the changes on the IT systems and functions proposed by the technical teams and controls the way of accomplishment
  • Interacts directly with other departments in the organization to facilitate risk assessment and risk management processes and also plays the role of evangelist for the security area.
  • Permanently develops and improves the information security management framework, following and aligning the requirements and recommendations coming from the customers and regulatory bodies.
  • Continuously performs technical security assessments of the organization's information technology systems (cloud infrastructure, applications, networking, internally developed applications etc.) and also evaluates secure configuration against policies and procedures internally defined.
  • Lead and manage the security team, fostering a security awareness and collaboration culture.
  • Collaborate with executive leadership to communicate security priorities, risks, and solutions.
  • Maintains a high standard of security awareness of the company's employees.
  • Oversees and maintains a comprehensive business continuity plan to ensure the organization's ability to operate during disruptions.

What you'll need:

• Bachelor's degree in computer science or a related field and over 6 years of proven work experience in the field of security management including leadership positions.

Technical competencies:

  • Solid understanding of cloud computing models, technologies, and concepts.
  • Security experience in ethical hacking activities or passion for this subject, mainly testing methodologies like OWASP, OSSTMM or NIST;
  • In-depth technical knowledge in the field of IT systems administration, specific security technologies, such as communication protocols, routing, VPN technologies, hacking and threat modelling techniques, IDS/IPS and firewall technologies, and cloud security infrastructure - Azure.
  • basic elements in the field of scripting programming necessary for automation as well as secure coding practices and methods.
  • Good knowledge of local and European legislation on information security, international security standards and recommendations (e.g.: ENISA), European data protection legislation and practices
  • Hands-on experience with security technologies, tools, and solutions.
  • Excellent communication and interpersonal skills, with the ability to collaborate effectively across teams.
  • Very good perception of the business needs, the strategy of the organization and excellent communication skills.
  • Prompt reaction and anticipation of possible consequences, fast evaluation and identification of solutions.

Certifications (optional):

• CISSP, CISM, CISA

Our culture

· We are a highly motivated bunch of people, taking on a huge technical challenge in one of the biggest industries in the world. We're fully aware that the impact of our work can be felt by hundreds of millions of people around the world.

· At FintechOS, we strive to be the place where a diverse mix of talented people want to come, stay, and do their best work. Our commitment to diversity and inclusion is reflected in our people, our partners, and our customers.

· We are fully focused on equality and believe deeply in diversity of race, gender, sexual orientation, religion, ethnicity, national origin, and all the other wonderful characteristics that make us different.

Quick Facts

· We are a venture-backed business co-headquartered in New York and London

· We have a big list of international clients already under our belt, serving customers in North America and Europe.

· Our customers range from globally strategic companies like Groupe Société Générale, Admiral Group, and BPCE Oney, to game-changing players like Vibrant, eMag, and Howden

· Our partners include both niche consulting agencies and global consulting firms and systems integrators, including Deloitte, EY, and PWC.