10+ years of experience in information security management, ideally within financial services, banking, or payments
Expertise in InfoSec and IT operations, focusing on regulatory compliance, security risk, and mitigation
Experience managing outsourcing of IT and InfoSec services
Advanced technical security knowledge and familiarity with regulatory requirements (PCI-DSS, PSD2, GDPR, LPM, DORA)
Experience delivering localised IT and InfoSec policies aligned with FR and EU regulatory standards
Expertise in industry standards such as SOX, SOC2, ISO, COBIT, and ITIL
Experience aligning plans with business goals and setting measurable metrics
An analytical, solution-oriented mindset
Excellent stakeholder management and communication skills
Nice to Have
InfoSec experience at a leading/global consultancy firm
What You'll Be Doing
Leading information security for our branch in France, driving maturity, automation, and scalability in collaboration with the Global Information Security team
Engaging with a wide range of stakeholders, from senior management to engineers, across IT and InfoSec
Developing and executing strategies, methodologies, and training plans to raise awareness and promote a solid information security culture
Reporting on the security status, key incidents, and noteworthy events to senior management, including delivering in-depth briefings to the local board
Localising IT and InfoSec policies and procedures in France, ensuring alignment with local regulations and regulator guidance
Setting, implementing, and tracking operational and tactical goals to meet strategic KPIs and objectives
Building solid working relationships with FR/EU regulators, ensuring compliance, and overseeing outsourced activities to group companies
Conducting third-party security risk assessments, completing or submitting any required assessments/reports, and managing additional security reviews
Leading annual reviews of onboarded vendors to ensure ongoing compliance and risk management