CISO

P27 Nordic Payments

Do you want to be part of creating one common state-of-the-art payments platform in the Nordic countries? This is your chance to make an important contribution to P27 Nordic Payments reaching its vision to build the world’s first real-time, cross-border payments system in multiple currencies.

About this opportunity

You will be part of P27 Nordic Payments’ IT organization, which is responsible for the Security, Operations, Service Management, Application Development and Management, and Enterprise Architecture of the services offered by P27. The IT organization is planned to grow, and that includes security; in this role you will play a key part in growing your organization in the coming years. You will be located in Stockholm and report to the Head of IT/CIO.

P27 Nordic Payments is right now building new Nordic payment rails that will enable financial institutions to offer batch as well as instant payments to their customers across the Nordics. On top of the new payment rails, we are planning a new bill payment service that will enable modernization and streamlining of the way we pay for bills, e-invoices, and e-commerce in the future.

About the role

The Chief Information Security Officer (CISO) is responsible for P27’s information and cyber security.

The CISO serves as the process owner of activities related to the confidentiality, integrity and availability of customer, business partner, employee, and business information in compliance with the organization’s information security policy and instructions. A key element of the CISO’s role is working with executive management to propose and present the risk levels regarding information security to the Board of Directors. This position is responsible for establishing, maintaining, following up and reporting on a company-wide information security management system program to ensure that both information assets and the physical environment are adequately protected.

Tasks and activities include but are not limited to:

  • Serve as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization’s information security policies and strategies.
  • Work with Executive Management to determine acceptable levels of risk for the organization. The risk appetite will set the overall boundaries for the CISO’s subsequent establishment and maintenance of P27’s corporate-wide Information Security Management Program, which shall safeguard that information assets are adequately protected.
  • Develop, implement, maintain and monitor a strategic, comprehensive Enterprise Information Security and IT Risk Management Program, including relevant controls
  • Develop and enhance an information security management system (ISMS).
  • Provide leadership and training to the enterprise’s information and cyber security organization
  • Support the development, monitoring and evaluation of the company’s IT- and cyber security controls
  • Partner up with outsourcing vendors in order to monitor and enhance information and cyber security

Your experience and background

We expect the candidate to have a relevant university degree within IT, security, law, or similar. Further, the candidate has relevant proven certifications like CISSP, CISM, CRISC, CPP, CISA, or similar.

The ideal candidate comes with a solid background within a regulated market with focus on information and security management, a strong track record in information and cybersecurity/defense and leadership which includes the following professional and personal qualifications:

  • Management experience/experience with employee development
  • Solid knowledge of information and cybersecurity, including security in cloud solutions
  • Solid knowledge of physical security and personnel security
  • Solid knowledge of risk management, risk, and threat analysis and intelligence
  • Experience in designing and executing on IT strategy and related implementation plans
  • Experience with ISO 27000 series, NIST Cyber Security Framework, ITIL and similar relevant frameworks.
  • Experience from an outsourced IT environment, both regarding the use of consultants, partner integrations and SaaS / PaaS solutions and related regulation
  • Experience with financial authorities’ guidelines and financial sector regulation such as outsourcing regulation, EBA guidelines and similar

About you

You will be part of a newly established team of ambitious, experienced, and helpful people. As a person, we expect you to identify with the following qualifications and competencies:

  • Provide strong leadership and empower the employees within the area
  • Curious, persistent, thrives on tackling challenges and making a difference
  • Analytical mindset and good problem-solving skills for complex and challenging issues
  • Team player with good stakeholder and collaborative skills and skilled at navigating among many stakeholders
  • Good at conveying complex messages, so they become simple and easily understandable
  • Outgoing with good networking skills – both internally and externally

With colleagues in teams distributed across Denmark, Sweden, and Finland, you must master English at a high level, both in writing and orally, as well as a Nordic language.

The values that guide us in P27 Nordic Payments are Together – Excellence – Trust – Courage. We assume that you share these values with us.

Application and more information

P27 Nordic Payments co-operates with Compass in this recruitment. If you want more information about this position before submitting your application, please do not hesitate to contact Compass consultants Hans Jansson on +46 73 461 36 03 or Jens Nordqvist on +46 70 145 35 69.

Please submit your application and CV as soon as possible, if you are interested. Applications will be processed on an ongoing basis.

Background checks are an integrated part of our recruitment process.

Welcome with your application!