CISO

Are you a hands‑on CISO or Security Director ready to lead, standardize, and scale the entire security posture for a hyper‑growth, globally expanding FinTech? Can you urgently drive mission‑critical PCI DSS compliance across multiple international environments while integrating disparate security practices from recent acquisitions?

A high‑growth global FinTech, founded 4 years ago and backed by a major investor, specializes in providing seamless digital payment processing and banking solutions across Asia and the Middle East. With senior leadership split between Europe/UK and Dubai, they urgently seek their next CISO to unify and mature their security function. This is a critical leadership role reporting to the executive team, demanding a candidate who can balance strategic vision with technical delivery.

• Mission-Critical Compliance (PCI DSS): Urgently own and successfully complete the certification for the third PCI DSS environment, ensuring continuous compliance across all card‑touching payments infrastructure.
• Security Strategy & Standardization: Define, harmonize, and implement an enterprise‑grade security framework across the entire group, integrating inconsistent practices following multiple acquisitions.
• Risk & Governance Leadership: Own the overall cyber risk posture, manage ISO certifications, and establish formal security governance to meet the demands of major institutional investment.
• Hands‑On Technical Guidance: Provide technical expertise to navigate security tools (SIEM, Vulnerability Management) and architectural decisions, ensuring the move away from early‑stage cost‑cutting.
• Global Team Management: Lead and grow a small, focused security team (currently 2, planned for 3‑5 total), overseeing the implementation of a 24/7 outsourced SecOps monitoring function.
• Incident Response & Reporting: Lead all major security incident response activities and provide high‑level reporting on operational risk to the executive team and board.

• Payments Security (Card‑Touching): Mandatory hands‑on experience in PCI DSS environments and security engineering for payments infrastructure, specifically dealing directly with card processing (not just merchant or wallet solutions).
• Technical Acumen: Proven ability to operate at both the strategic/GRC level and the technical implementation level; must be able to understand the tools and implementation details.
• Maturity & Scale Experience: Experience in moving a fast‑growing company from a startup mentality to an enterprise‑ready security posture, including modernizing device security and WAF implementation.
• Leadership & Autonomy: Senior leadership background that demonstrates independence in establishing and driving a security program without relying purely on high‑level direction (i.e., not a pure strategy CISO from a massive bank).
• Global Timezone Flexibility: Willingness to work flexible hours to align with a majority of the business operations in Asian time zones.

• Successfully complete the PCI DSS certification for the third, mission‑critical payments environment going live in January 2026.
• Produce a comprehensive assessment of the current security state across all acquired group companies and establish a single, unified security standard.
• Harmonize security processes across the group, retiring inconsistent legacy tooling, and delivering immediate, visible improvements in enterprise readiness.
• Formalize the structure of the security team, successfully onboarding the SecOps hire, and establishing the 24/7 outsourced monitoring capability.

If you are an agile, technically capable CISO or security leader who thrives in an urgent, high‑impact environment and is ready to establish the global security function for a major FinTech player, please apply immediately!

Burns Sheehan Ltd will consider applications based only on skills and ability and will not discriminate on any grounds.