Note: The application period for this ad has passed.
Job description
We are looking for a Chief Information Security Officer (CISO) who has experience of working in the finance industry and is looking to break through to the next level. Qliro has an established ISMS and has reached a mature level in compliance with ISO27001. We are now looking for a candidate who will take Information Security to the next stage while working in a very agile and fast-moving organisation. We recently became a PCI-DSS compliant company and, looking to the future, we see that cloud security and DORA will be our main challenges. In your role your main stakeholders are Tech, DPO, Legal, Risk and Compliance.
Qliro has a track record of delivering new products and services at unmatched speed. We are active in an exciting intersection of the e-commerce, payment and financial services markets. We target both leading online merchants and millions of Nordic consumers seeking superior digital payments and consumer finance products.
What you’ll do:
- Manage the ISRM (Information security and Risk management) team.
- Responsible for InfoSec governance (development and maintenance of documentation, processes, risk management)
- Responsible for Business continuity process
- Responsible for end user training and awareness on all levels (employees, management, Board)
- Responsible for Third party risk management (vendor onboarding, annual vendor reviews etc.)
- Main contact for internal and external auditors
- Perform annual internal InfoSec reviews on different areas (User access, Backup, Patching etc.)
- Assessing the security maturity and reporting to relevant stakeholders
- Being InfoSec stakeholder in different groups and risk analysis processes (Tech management, NPAP, vendor management, Go To Cloud, Privacy etc)
- Leading InfoSec committee
- Working experience with GDPR technical and organizational controls
- Implementing Privacy controls (technical and organizational) as first line in the privacy process in compliance with GDPR
- Leading Privacy form and coordinating Privacy guardians’ meetings
- Responsible and main contact for physical security process
We believe you have:
- 3-5 years leading InfoSec team or senior InfoSec function (CISO or Head of InfoSec)
- Experience from working in the finance industry
- Experience with working with relevant frameworks or certificates - ISO27001, PCI DSS, CISA, CISSP
- Some tech background would be ideal (Dev or IT Ops)
- Good communication skills - must be able to communicate and explain security on all levels with all organizational units
Good to have:
- Experience with implementing security in a cloud environment
- Some Tech background will be an advantage
WOW in everything we do
We work hard to create a workplace that is diverse and inclusive with employees from over 30 countries from all over the world. We believe in the power of collaboration and empowering each other, and we strive to create a wow experience in our way of working. We see our future way of working as a hybrid way of working with a mix of working in the office and working remotely. We believe in the power of meeting each other in real life and want our office to be a space for collaboration and creativity, where we can meet in person and bring out the best in one another. Together, we will ensure we continue to create WOW in everything we do.