Information Security Officer

Engineering · Full-time · Luxembourg

Job description

At PPRO, our mission is to simplify access to local payment methods and our vision is to enable the sale of goods and services to anyone in the world using their preferred way to pay. We empower partners such as Ant Group, PayPal and Stripe to access new markets, connect with more customers, and accelerate their growth.

Our strength lies in our diverse global team with 50+ nationalities and 10+ international locations, all united around one goal: to deliver the best possible products and services to our partners and customers. While our company mission is to keep innovating global commerce, our internal mission is to #chooseaction, #beopen, #thinkcustomer, #gofurther and #wintogether.

The Purpose:

You’ll join a growing GRC team responsible for keeping the company secure and compliant. As an Information Security Officer, you will play a critical role in ensuring the security of PPRO and our customers, safeguarding our organisation's information assets and ensuring compliance with industry standards and regulations.

PPRO is a cloud-native FinTech, operating payment services hosted in AWS and GCP. The GRC team within PPRO acts as a second line of defence, ensuring the management of Security Policies, Risks and Compliance with regulatory requirements.

We provide innovative technology solutions, which means you will work in an exciting and fast-paced environment, driving innovations in how we manage security.

What you will be doing:

  • Ensure the identification and management of security risks by performing comprehensive risk assessments.
  • Contribute to the creation and implementation of pragmatic, effective and efficient security policies, in alignment with business goals and industry best practices.
  • Design and perform oversight to ensure we remain compliant with applicable laws, regulations and standards.
  • Foster a culture of security awareness across the organisation, providing training to employees on security best practices, highlighting relevant risks and driving ownership and accountability for business areas’ security activities.
  • Collaborate with technology teams to ensure security is embedded in system designs and implementations.
  • Interact with suppliers and customers to build PPRO’s reputation as a best-in-class secure services provider.
  • Manage supplier and customer audits & questionnaires.
  • Take part in internal and external audits.
  • Implement pragmatic solutions to address recommendations from independent assessments and audits.
  • Support PPRO’s incident response and resilience plans.

You will need to have:

  • A proactive, results-oriented mindset with the ability to work independently and as part of a team.
  • Proven experience in security management, risk assessment, and compliance, with at least five years of experience in a security role.
  • Excellent knowledge of regulatory frameworks (CSSF/EBA, DORA, FCA, GDPR).
  • Excellent communication skills.
  • Excellent written and spoken English skills.
  • Commitment to diversity and inclusion and the ability to foster an inclusive culture.
  • Curiosity, a growth mindset and a commitment to continuous learning and innovation.
  • Strong interpersonal skills, able to communicate across a broad range of stakeholders (technical and executive) and influence outcomes.

Nice-to-haves:

  • Excellent knowledge of industry standards (PCI DSS, ISO 27001, SOC2).
  • Experience identifying, managing and mitigating security risks in a cloud-native environment.
  • Professional certifications such as CISSP, CISM, or CISA preferred.
  • Experience managing security in Cloud hosting such as AWS, GCP, Azure.
  • Solid understanding of Kubernetes, Networking, Operating Systems.
  • Solid understanding of DevSecOps practices and CI/CD security requirements.
  • Knowledge of banking/payments, software development and/or FinTechs is appreciated.
