Head of Information Security and Data Protection, Palta

Palta is a multi-product tech platform developing a number of mobile apps focused on health&wellbeing space. Our portfolio includes such successful companies as Flo (global leader in female health with more than 42 mln MAU), Prisma (app of the year 2016, 150+ mln downloads), Simple (12m+ downloads). Currently, Palta portfolio consists of 9 mobile apps, all focused on global digital health & wellbeing market. Rapid portfolio growth is fueled by the recently raised $100 million in series B round led by VNV Global.

Palta apps are used by over 100 million health aware people globally!

We're looking for the Head of Information Security and Data Protection to strengthen our business and technology compliance and provide best-in-class data protection service to our customers, build and maintain information security of Palta and portfolio companies, ensure awareness of the employees of threats and risks, timely reaction to incidents, etc.

Responsibilities:

• Taking ownership of data privacy, evangelising privacy by design approach in Palta products and guiding Palta and its portfolio companies on the subjects of data privacy, data protection, GDPR compliance etc.;
• Working closely with the legal team, CTOs of the product companies, and other relevant stakeholders in finding best business and technical solutions regarding data privacy and security
• Serving as an official DPO and the main point of contact for data subject requests and communication with authorities
• Carrying out risk assessments and conducting regular GDPR compliance audits;
• Deeply understand Palta and our portfolio companies business, proactively identify and address information security risks and problems, be in charge of information security at Palta and Palta Brain, our growth platform
• Build information security awareness system, maintain corresponding procedures and policies, pursue the implementation of secure software development practices
• Run Palta’s Bug Bounty program and collaborate with industry experts, partners, vendors, etc.

Requirements: 

• Tech background;
• Data Protection related certifications (e.g., IAPP certifications like CIPP / CIPT);
• Understanding of the global data protection regulatory framework with main focus on GDPR and US data protection regulations;
• Good knowledge of data protection tools (e.g., OneTrust);
• Proven experience as Director of Information Security, CISO or similar position
• Experience in penetration testing, security assessment of mobile apps, websites, backend services, etc.; OSCP, ECPPT, EMAPT, EJPT is a plus
• Architecture review, work closely with the development teams in order to implement 'security by design’ approach, secure software development, etc.
• Experience in implementing corporate security in a complex distributed environment with many offices, business units, etc.
• Strong technical background, analytical mindset, and problem-solving orientation;  deep understanding of data platforms, payment and monetisation services is a plus
• Fluent English

Why is working with us awesome?

• Passionate and highly skilled international team
• Palta is a large and rapidly growing Health&Fitness tech holding with proven track record of developing great products
• Equity for each team member with clear 'exit strategy'
• Market level comp
• Work-life balance to suit everyone: flexible working hours, remote-friendly approach, loyal sick leave policy