Head of Cyber & Information Security

The Head of Cyber & Information Security (Romania) is responsible to oversee all cyber security operations within the country and its associated operating companies, which also includes the company's subsidiaries, acquisitions, and secondary brands. Such responsibility also includes adequate oversight of supplier risk management, and leading the collaboration in the deployment of new security tools as requested in the global strategy, and in the response to cyber incidents affecting their local market Last but not least, as the Head of Cyber Security for Romania will serve as the primary contact for national cyber security government agencies, the person occupying such position may need to possess/obtain appropriate security clearance. Ensure compliance with industry regulations, standards, and best practices related to payment security. Collaborate with internal and external auditors to conduct security assessments and address findings. Obtain and continuously maintain operational excellence on the local market, achieving and maintaining ISO27001 standard for the local operations and data centres, where deemed appropriate. Uses the cybersecurity resources and skills necessary for the implementation of projects within the government private cloud in order to expand the capabilities in the field and develop specific projects in the field of cybersecurity; Develop and execute a comprehensive cybersecurity strategy aligned with the company's business objectives. Provide visionary leadership on security-related matters, staying abreast of industry trends and emerging threats. Influence strategic decisions regarding the cyber security baseline and engages with local authorities to support the achievement of the technology strategy, operating model, and plan. Provide comprehensive interpretations/understandings of his professional field to the interested business stakeholders. Risk Management: Assess and prioritize security risks, ensuring that potential vulnerabilities are identified and addressed promptly. Strong background in cyber security operations, risks and controls identification and assessment Collaborate with cross-functional teams to implement risk mitigation strategies and contingency plans. Security Architecture: Design and implement robust security architectures for payment systems, ensuring the confidentiality, integrity, and availability of sensitive information. Evaluate and recommend security technologies, tools, and processes to enhance the organization's security posture. Utilize sophisticated analytical thinking to guide and support the technical operations of cyber security platforms throughout their entire lifecycles. Proactively detect, identify and respond to security risks and vulnerabilities by implementing an effective response plan and maintaining a consistent approach throughout the security platform lifecycle. Deliver cyber-security improvements and projects in the market, ensuring the effectiveness of control processes and develop future security capability plans with key partners/vendors. Incident Response and Forensics: Develop and maintain incident response plans to address security incidents promptly and efficiently. Conduct forensic investigations in the event of a security breach, ensuring thorough analysis and documentation. Notify cybersecurity incidents and/or create cybersecurity incident response teams - CEH Certified Ethical Hacker; Not a perfect fit? Worried that you don't meet all the desired criteria exactly? If you're excited about this role but your experience doesn't align exactly with every part of the job description, we encourage you to apply as you may be the right candidate for this role or another role, and our recruitment team can help you see how your skills fit in. Internal Wellbeing & Recognition events Extra vacation days for special events - Mandatory to hold the COBIT® - Control Objectives for Information and related Technology certification, and, additionally, at least three Certifications of the following: - CISA (Certified Information Systems Auditor); - CISSP (Certified Information Systems Security Professional); - CISM (Certified Information Security Manager); - CRISC (Certified in Risk and Information Systems Control); - CDPSE (Certified Data Privacy);