Head of Cybersecurity

Lisbon, London

Applications have closed

Fidel API

Power your applications with real-time payment data. Build innovative card-linking applications by connecting Visa, Mastercard and Amex cards to loyalty and marketing services all in one place.

View company page

Our mission at Fidel API is to unlock the full potential of payment cards. We offer a suite of financial infrastructure APIs that enable developers to build programmable experiences connected to purchases made in real-time using a card. Our tools are transforming how merchants and users interact by powering real-time, event-driven engagements, best-in-class loyalty and rewards programs and revolutionizing processes from reimbursements to expense management.

Our APIs are used by start-ups through global enterprises including Google, British Airways, TopCashback, Perkbox, Royal Bank of Canada, and Blackhawk Networks, and are supported by the world’s largest card networks, including Visa, Mastercard and American Express.

Launched in 2018, Fidel is headquartered in London, with offices in Lisbon, New York, and remote employees globally. Fidel is backed by investors including Nyca Partners, QED Investors, Citi Ventures, RBC Capital and Commerce Ventures.

We're in an incredibly exciting period of growth as we continue to scale internationally and are looking for a Head of Cybersecurity who wants to be part of this journey. By reporting to our CTO, you would take ownership of Fidel API’s IRM (Information Risk Management) Programs and establish processes to measure and mature Fidel API’s compliance and risk posture as it pertains to our information assets. 

You would have the opportunity to make an impact across the business as you develop Fidel API’s information security risk management and related compliance operations. You will work closely with FidelAPI’s Heads of Technology, Engineering, Sales, Legal, Finance, as well as Product Engineering.

What you will do:

  • Lead and manage the Cybersecurity function at Fidel;
  • Ensure compliance with applicable controls based on a unified control framework;
  • Developing, maintaining, and implementing appropriate frameworks, policies and processes;
  • Partner with the Legal team to implement and streamline privacy processes and controls;
  • Help maintain and mature internal corporate Information Security Policies;
  • Collaborate with various key stakeholders to gain a common understanding of issues related to the control breakdowns/missing controls to define a specific commitment to strengthen or implement controls
  • Experience working in lean agile methodologies as long as cross-functional and distributed teams;
  • Establish budget, forecast and track expenses for the Cybersecurity domain;
  • Advise the leadership on future investments and build relevant KPIs & dashboards for regular review with the C-Level;
  • Identify specific needs and requirements, and determine the best approach and solutions for the region to cover risks;
  • Build support and operating model of security solutions in the company in coordination with IT & Engineering stakeholders (e.g. Infrastructure, Development and IT teams);

We want you if you:

  • Have a strong understanding of IT and cyber security, with demonstrable experience establishing and operating a technical risk and compliance function. You will have worked with common technical and security standards such as PCI-DSS, ISO27001, SOC2 and GDPR;
  • Have the ability to operate with a high degree of autonomy and lead the organisation-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations;
  • Lead and project manage the compliance programs across all business units;
  • Show a positive and friendly attitude, problem-solver by nature, and highly conscientious;
  • Show a good understanding of Vulnerability and Risk Assessment approaches and methodologies.
  • Show experience of handling cyber security incidents, threat hunting and forensic, as long as experience in selecting, deploying and maintaining security solutions;
  • Hold CISSP or CISM, CISA and CRISC certifications;

OUR VALUES

At Fidel API, we live by our values and what we stand for, and that feeds into every decision we make. Fidel comes from the Latin word ‘Fidelis’ which means reliability, trust, truth and dependability. We honor those values — and our commitment to them — by naming ourselves after the ancient root word itself.

Across our company, we speak 27 languages and represent 25+ different nationalities. It’s our diversity of background, thinking, talents and skills that allows us to build truly global products for the developers who are driving payments innovation forward.

BENEFITS

We're committed to making Fidel a fantastic place to work and we go to great lengths to give you what you need to succeed. You’ll receive:

  • Unlimited holidays (you manage your time)
  • Flexible working - opportunity to work from home 
  • WFH office budget
  • Health Insurance with 100% premium coverage (Medical, Dental, Vision)
  • 401k with company match
  • Access to training and education platforms (Udemy, Audible, and Headspace)
  • Annual company off-site (Europe)

At Fidel API, we don’t just accept difference - we celebrate it, we support it, and we thrive on it. We’re proud to be an equal opportunity employer and we value diversity. We do not discriminate on the basis of educational attainment, race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status or disability status - simply, we consider all qualified applicants, consistent with any legal requirements. If you have a disability or special need that requires accommodation, please let us know.

To learn more about us and what life is like at Fidel API, visit our blog or follow us on Twitter(@fidelhq) or Instagram(@fidelhq).

If you think you’d be a great fit, apply today!

To all recruitment agencies: Fidel API does not accept agency resumes. Please do not forward resumes to our jobs alias, Fidel API employees or any other company location. Fidel API is not responsible for any fees related to unsolicited resumes.

Tags: Agile APIs C CISA CISM CISSP Compliance CRISC Finance GDPR ISO 27001 KPIs Privacy Risk assessment Risk management SOC 2

Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Health care Insurance Startup environment Unlimited paid time off

Region: North America
Job stats:  15  1  0
Category: Leadership Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.