Information Security Manager

WHO WE ARE

AtPapel Holdings, we're not just another Fintech company. We're on a mission to revolutionize the financial landscape. From innovative banking solutions to cutting-edge digital asset products, we're transforming how people interact with money.

Careers at Papel suit those who want to have an impact, who are comfortable getting uncomfortable, willing to take risks and win big. We are brave, laser-focused and have high aptitude, with a little playfulness for good measure. If you're someone who thrives on high accountability, possesses a start-up spirit, and flair for industry-savvy solutions, you'll fit right in.

If this resonates with you, you'll have the opportunity to make a real impact and be part of something that's changing how we interact with money and wealth.

POSITION OBJECTIVE

The Information Security Manager at Papel is a critical role responsible for overseeing and managing the organization's information security program, ensuring the confidentiality, integrity, and availability of our digital assets. This role encompasses the implementation and management of Payment Card Industry Data Security Standard (PCI DSS) compliance, penetration testing, and other relevant security measures/controls. The ISM will work closely with various departments and stakeholders to develop and maintain a robust cybersecurity posture that aligns with Papel's business objectives and risk appetite.

RESPONSIBILITIES

• Develop, implement, and maintain a comprehensive information security program, including policies, procedures, and controls, to protect the company's assets, ensuring compliance with regulatory requirements and industry best practices.
• Manage the implementation and maintenance of PCI DSS compliance, ensuring the company meets all relevant requirements and undergoes regular audits.
• Implement and adhere to ISO 27001 standards.
• Oversee and coordinate penetration testing activities, including vulnerability assessments, penetration testing, and security incident response, to identify and remediate potential security risks.
• Collaborate with various departments and stakeholders to assess and address information security risks, ensuring that risk mitigation measures are in line with business objectives and risk appetite.
• Monitor and analyse emerging cybersecurity threats and trends, recommending and implementing appropriate countermeasures to protect the company's assets.
• Develop and deliver cybersecurity awareness and training programs to educate employees on the importance of information security and their role in maintaining a secure environment.
• Manage relationships with external vendors and partners, ensuring that information security requirements are effectively communicated and integrated into third-party contracts and agreements.
• Work with other stakeholders such as technical architects, product managers, developers to implement, configure or maintain security measures/controls.
• Work closely with the CTO to continuously improve cyber security policies, processes, tools and controls.

• 7+ years information and cyber security experience in financial services. Fintech experience is a major plus.
• Strong analytical skills with high attention to detail.
• Good communication and interpersonal skills.
• Demonstrated analytical skills and attention to detail.
• Strong understanding of regulatory standards governing the fintech, digital assets and global payment industry.
• Experience working in a fast-paced, dynamic environment, preferably in a start-up, digital assets or fintech company.

Other Skills

• Strong written and verbal communication skills.
• High level of organization and ability to manage multiple priorities simultaneously.
• Excellent problem-solving capabilities.
• High ethical standards and professionalism, with a commitment to confidentiality.
• Ability to work effectively in a team as well as independently.

• Competitive pay
• Discretionary bonus
• Comprehensive healthcare