Descripción de la oferta
Chief Information Security Officer (CISO)Location: RemoteSchedule: Full-timeLos candidatos deben tomarse el tiempo de leer atentamente todos los elementos de este anuncio de empleo. Por favor, envíen su solicitud sin demora.ResumenWe are seeking a highly experienced security and risk executive to join Criptan as the ultimate owner of information security, compliance, and enterprise risk management. Reporting directly to the Board, this role is critical to safeguarding our organization, ensuring regulatory alignment, and embedding a culture of security across all business units. The successful candidate will lead the design and oversight of security frameworks, act as the primary liaison with regulators and auditors, and provide strategic direction to protect Criptan's operations, infrastructure, and stakeholders.ResponsabilidadesAct as the executive owner of information security and risk management, reporting directly to the Board. Develop and maintain a comprehensive security and compliance strategy aligned with Criptan's business goals and European regulatory requirements (MiCA, DORA, GDPR, ISO-27001, SOC-2). Oversee the design and governance of security policies, frameworks, and internal controls across all business units. Lead the enterprise risk management function, including cyber risk, operational risk, third‑party/vendor risk, and business continuity.Serve as the primary point of contact with regulators, auditors, and external stakeholders on information security and compliance matters. Provide regular risk and security updates to the Board, including dashboards, KPIs, and strategic recommendations. Supervise security audits, penetration tests, and certifications, ensuring continuous improvement of Criptan's security posture.Champion a security culture across the organization, providing leadership, training, and communication at all levels. Ensure that engineering and operations teams integrate security by design into the technical stack.Backend: Node.jsFrontend / Mobile / Web: FlutterDatabases: MySQL, DynamoDB, RedisInfrastructure: AWS (multi‑AZ, containerized workloads, IAM, WAF, monitoring, etc.)Requisitos~5+ years of progressive experience in information security, risk, or complianceProven success in regulated financial services, fintech, or crypto environments, including engagement with regulatorsDeep knowledge of European regulatory frameworks (MiCA, DORA, GDPR) and international standards (ISO-27001, SOC-2, NIST)Recognized professional certifications highly desirable: CISSP, CISM, CISA, ISO-27001 Lead Implementer/AuditorFamiliarity with modern cloud‑native technology stacks (AWS, Node.js, Flutter, MySQL) is a plus, but focus is on governance, not hands‑on codingxohynlm Contact information: Hay opciones de teletrabajo/trabajo desde casa disponibles para este puesto.
#J-18808-Ljbffr