Information Security Officer

Warsaw, Masovian Voivodeship, Poland

Applications have closed

Volt.io

Plug into the world’s first real-time payment network. Accept open banking payments from customers. Globally.

View company page

About the role

As an Information Security Officer you will play a crucial role in providing technical expertise, guidance and consultancy connected to security. Working with Volt will give you the opportunity to build a culture of security among our development teams. You will support the design of a global and exponentially scalable payments transaction platform. You will have a chance to go through the full team building and international growth journey with us. We will count on your expertise in systems design, architecture, and compliance.

About our tech choices

We are designing our solutions with Domain-Driven Design principles in mind. That led us among other things to use the hexagonal architecture as our base pattern for the business layers of our apps. The systems as a whole are built with the best practices of microservices architecture, including CQRS, language-agnostic protocols, containerization, etc. Above all, we are keeping the balance between novelty and delivering business value since that is the ultimate goal of our tech stack.

Key responsibilities:

  • Lead and manage cybersecurity projects across the company,
  • Reviewing system architecture to ensure it is in line with principles derived from applicable regulatory standards, as well as industry best practices,
  • Ensuring compliance and integration of security architecture within the cloud and assuring its appropriate functioning,
  • Reporting the general state of IT infrastructure in the security area according to established metrics,
  • Identifying, managing and reporting security incidents according to required standards and regulations,
  • Reviewing and evaluating infosecurity / cybersecurity solutions and risk controls for Volt’s products, applications and systems,
  • Conducting reviews of current security measures and recommending, implementing or supervising the implementation of necessary changes and improvements,
  • Creating and maintaining company infosecurity / cybersecurity and compliance policies and procedures,
  • Creating thread models and identifying risks for infrastructure and applications,
  • Supervising regular and ad-hoc security tests,
  • Managing BCP/DRP related activities,
  • Assessing new business initiatives and supporting development activities in regards to processes and technologies used from an information- and cybersecurity perspective,
  • Conducting 3rd party vendor assessments in accordance with applicable regulations, policies and procedures,
  • Working closely with Risk & Compliance, Legal and Operations teams, as well as supporting other departments as needed in the area of information security, cybersec and general protective measures to safeguard data, systems and other assets of the Company,
  • Participating in internal and external audits and acting as the main contact for IT security matters,
  • Building awareness on security and compliance principles and best practices.

Requirements

  • You have 5-6 years of experience in designing a corporate security architecture,
  • You have hands-on experience with cloud security tools (eg. AWS Inspector),
  • You have experience in implementing ISMS or performing information security audits in accordance with ISO 2700x standards,
  • You possess a solid understanding of applicable law in the area of information security for the financial sector (PSD2/RTS), data protection regulations (GDPR), norms, standards (ISO 2700x series, NIST, COBIT, ITIL etc.) and practices in the area of security processes and operations,
  • You are able to demonstrate vast knowledge of technologies focused on cloud security,
  • You are a communicative person committed to the performance of entrusted duties,
  • You possess extensive knowledge of tools and IT security systems i.a. SIEM-SOAR, IAM, PAM, WAF, NGFW, DAM, DR, SOC, VMS, AV, ATP, CTI, EDR, Web/Mail Gateway, DevSecOps, Cloud Security, ServiceNow, AWS,
  • You are familiar with OWASP Top 10, MITRE ATT&CK, CIS, CAIQ,
  • You are fluent in English in speech and writing.

Nice to have:

  • Prior experience with fintech companies and familiarity with financial institutions are more than welcome,
  • Experience and willingness to become a leader is a plus.

Benefits

Why work at Volt?

  • In 2021, we secured $23.5 million in Series A funding – a record in the open banking space. We’re going places – fast,
  • We’re building new, game-changing tech that’s evolving at lightning speed. It’s energising to be part of,
  • We champion ‘extreme ownership’ – being not just the owner of your own tasks, but a key member of a team united by, and accountable for, common goals,
  • During the week we mostly work remotely but for those who prefer to be in the office we arranged coworking spaces in Warsaw (Business Link Astoria) and Cracow (Chillispaces),
  • Every Thursday, our employees meet and enjoy working together at the Puro Hotel in Cracow and Warsaw. There is always an opportunity to eat lunch together and grab some drinks after hours,
  • Every occasion is a good reason for celebration; we organise Christmas parties and company retreats,
  • We care about our employees’ health, so you will be provided with medical insurance by Luxmed,
  • We offer paid holidays (pssst...we will give you one day off extra for your birthday),
  • In addition, once every two months on Friday we close down all comms at Volt - a digital detox. The whole business is officially ordered to take the day off!
  • If you want to work in a company with a great, start-up atmosphere, you don’t have to look further :)

Recruitment process

  • Selected candidates will be invited for an initial interview with our People & Culture representative. The video meeting will take about 30 minutes,
  • Then it’s time for a second interview! The meeting will be conducted by our VP Risk & Compliance and our External Security Consultant and will last 1-1,5 hours,
  • We will invite you for a call with our DevOps Team Lead/SVP of Technology which will take 45 minutes - 1 hour,
  • Our Chief Operating Officer would also like to chat with you :) You can expect the meeting to last approximately 30 minutes,
  • If successful, you will be given a job offer proposal.

Seems like a place you would like to be a part of? Our team is waiting for you!

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Audits AWS Banking Cloud COBIT Compliance DevOps DevSecOps EDR FinTech GDPR IAM ISMS ITIL IT infrastructure Microservices MITRE ATT&CK NGFW NIST OWASP PSD2 SIEM SOAR SOC

Perks/benefits: Health care Team events

Region: Europe
Country: Poland
Job stats:  11  3  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.