ABOUT THE TEAM
Payments Information Security
Head of Information Security
Recruiter Name, E-mail:
Kyro Murray, email@example.com
As a Sr. Information Security Manager of a regulated financial institution, you will be responsible for the highly complex environment promoting best practices right from the software design phase and enabling teams to navigate the complexities of security and privacy risks.
If you have a proven background in information security within modern agile cloud based architecture and development environments, as well as very strong communication and relationship skills, then you are the expert we are looking for.
WHERE YOUR EXPERTISE IS NEEDED
WHAT WE'RE LOOKING FOR
- Lead the risk treatment initiatives, recognize and onboard the right stakeholders to the risk treatment program;
- Maintain and improve the information security assessment process, provide support in performing security and risk assessments, and report risks;
- Manage certification and audit processes ensuring all compliance requirements are identified and monitored;
- Design and lead implementation of security controls for internal technology teams and other business units within Zalando Payments as well as outsourced functions, processes and services.
We celebrate diversity and are committed to building teams that represent a variety of backgrounds, perspectives and skills. All employment is decided on the basis of qualifications, merit and business need.
Zalando Payments builds the technologies for all financial transactions in the Zalando fashion store and our other consumer-facing apps. We work to deliver a flawless user experience in the checkout, as well as the processing of payments and reconciliation in the back-end. Through smart risk steering, we boost conversion and deliver a competitive advantage to our customers, taking in the entire financial process.
- Strong communication skills: you know how to explain the complex nature of security and privacy risks
- Solution driven and pragmatic mindset: you find practical albeit future-proof solutions which work for your stakeholders.
- Great relationship building skills: you build trust and understanding between all levels of a business units including the central security and compliance teams
- 5+ years of information security experience in a regulated industry and multidisciplinary experience in risk and program management as well as product development
- Strong knowledge of security program requirements coming from data security and privacy regulations and standards such as GDPR, ISO 27001, PCI DSS, or PSD2. CISSP, CISA, CISM or other security certifications are preferred