Head of Cybersecurity
Lisbon, London
Fidel API
Power your applications with real-time payment data. Build innovative card-linking applications by connecting Visa, Mastercard and Amex cards to loyalty and marketing services all in one place.Our mission at Fidel API is to unlock the full potential of payment cards. We offer a suite of financial infrastructure APIs that enable developers to build programmable experiences connected to purchases made in real-time using a card. Our tools are transforming how merchants and users interact by powering real-time, event-driven engagements, best-in-class loyalty and rewards programs and revolutionizing processes from reimbursements to expense management.
Our APIs are used by start-ups through global enterprises including Google, British Airways, TopCashback, Perkbox, Royal Bank of Canada, and Blackhawk Networks, and are supported by the world’s largest card networks, including Visa, Mastercard and American Express.
Launched in 2018, Fidel is headquartered in London, with offices in Lisbon, New York, and remote employees globally. Fidel is backed by investors including Nyca Partners, QED Investors, Citi Ventures, RBC Capital and Commerce Ventures.
We're in an incredibly exciting period of growth as we continue to scale internationally and are looking for a Head of Cybersecurity who wants to be part of this journey. By reporting to our CTO, you would take ownership of Fidel API’s IRM (Information Risk Management) Programs and establish processes to measure and mature Fidel API’s compliance and risk posture as it pertains to our information assets.
You would have the opportunity to make an impact across the business as you develop Fidel API’s information security risk management and related compliance operations. You will work closely with FidelAPI’s Heads of Technology, Engineering, Sales, Legal, Finance, as well as Product Engineering.
What you will do:
- Lead and manage the Cybersecurity function at Fidel;
- Ensure compliance with applicable controls based on a unified control framework;
- Developing, maintaining, and implementing appropriate frameworks, policies and processes;
- Partner with the Legal team to implement and streamline privacy processes and controls;
- Help maintain and mature internal corporate Information Security Policies;
- Collaborate with various key stakeholders to gain a common understanding of issues related to the control breakdowns/missing controls to define a specific commitment to strengthen or implement controls
- Experience working in lean agile methodologies as long as cross-functional and distributed teams;
- Establish budget, forecast and track expenses for the Cybersecurity domain;
- Advise the leadership on future investments and build relevant KPIs & dashboards for regular review with the C-Level;
- Identify specific needs and requirements, and determine the best approach and solutions for the region to cover risks;
- Build support and operating model of security solutions in the company in coordination with IT & Engineering stakeholders (e.g. Infrastructure, Development and IT teams);
We want you if you:
- Have a strong understanding of IT and cyber security, with demonstrable experience establishing and operating a technical risk and compliance function. You will have worked with common technical and security standards such as PCI-DSS, ISO27001, SOC2 and GDPR;
- Have the ability to operate with a high degree of autonomy and lead the organisation-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations;
- Lead and project manage the compliance programs across all business units;
- Show a positive and friendly attitude, problem-solver by nature, and highly conscientious;
- Show a good understanding of Vulnerability and Risk Assessment approaches and methodologies.
- Show experience of handling cyber security incidents, threat hunting and forensic, as long as experience in selecting, deploying and maintaining security solutions;
- Hold CISSP or CISM, CISA and CRISC certifications;
OUR VALUES
At Fidel API, we live by our values and what we stand for, and that feeds into every decision we make. Fidel comes from the Latin word ‘Fidelis’ which means reliability, trust, truth and dependability. We honor those values — and our commitment to them — by naming ourselves after the ancient root word itself.
Across our company, we speak 27 languages and represent 25+ different nationalities. It’s our diversity of background, thinking, talents and skills that allows us to build truly global products for the developers who are driving payments innovation forward.
BENEFITS
We're committed to making Fidel a fantastic place to work and we go to great lengths to give you what you need to succeed. You’ll receive:
- Unlimited holidays (you manage your time)
- Flexible working - opportunity to work from home
- WFH office budget
- Health Insurance with 100% premium coverage (Medical, Dental, Vision)
- 401k with company match
- Access to training and education platforms (Udemy, Audible, and Headspace)
- Annual company off-site (Europe)
At Fidel API, we don’t just accept difference - we celebrate it, we support it, and we thrive on it. We’re proud to be an equal opportunity employer and we value diversity. We do not discriminate on the basis of educational attainment, race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status or disability status - simply, we consider all qualified applicants, consistent with any legal requirements. If you have a disability or special need that requires accommodation, please let us know.
To learn more about us and what life is like at Fidel API, visit our blog or follow us on Twitter(@fidelhq) or Instagram(@fidelhq).
If you think you’d be a great fit, apply today!
To all recruitment agencies: Fidel API does not accept agency resumes. Please do not forward resumes to our jobs alias, Fidel API employees or any other company location. Fidel API is not responsible for any fees related to unsolicited resumes.
Tags: Agile APIs C CISA CISM CISSP Compliance CRISC Finance GDPR ISO 27001 KPIs Privacy Risk assessment Risk management SOC 2
Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Health care Insurance Startup environment Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs