Chief Information Security Officer - CISO (H/F)
Role details
Job location
Tech stack
Job description
We are currently looking for a Chief Information Security Officer to strengthen our cybersecurity posture and lead the execution of our key security initiatives.
This newly created role combines security strategy with hands-on execution. You will assess our existing environment, define clear priorities and work closely with our technical teams to ensure that security improvements are effectively implemented., * Assess and strengthen identity and access management across the organisation.
- Improve MFA, SSO, RBAC, privileged-access management and access-review processes.
- Strengthen the security of our Microsoft environment, particularly Microsoft Entra ID.
- Review the security of internal networks, endpoints, servers and cloud or on-premise environments.
- Identify security weaknesses and work with technical owners to implement remediation actions.
Cybersecurity Strategy & Roadmap
- Assess Horizon's current cybersecurity posture and main areas of exposure.
- Define and maintain a pragmatic, risk-based cybersecurity roadmap.
- Translate identified risks into prioritised actions, owners and deadlines.
- Drive security initiatives and ensure that agreed improvements are effectively delivered.
- Track and communicate key risks, remediation progress and security priorities.
Vulnerability Management, Monitoring & Incident Response
- Establish proactive monitoring of vulnerabilities and emerging threats.
- Coordinate penetration tests and manage remediation plans through to closure.
- Improve security monitoring capabilities, including SIEM, EDR, logging and alerting.
- Define and test incident-response procedures.
- Support the investigation and coordination of cybersecurity incidents.
Cyber Resilience
- Review disaster-recovery, backup and business-continuity capabilities.
- Define and test recovery procedures for critical systems.
- Organise cyber-crisis simulations with technical and business stakeholders.
- Identify and address resilience gaps affecting business-critical services.
Security Advisory & Stakeholder Support
- Provide practical security guidance to IT, Engineering, Product and Support teams.
- Support client security reviews, audits and technical due-diligence processes.
- Present key cybersecurity risks and priorities to senior management.
- Promote pragmatic security practices aligned with operational and business constraints., * Take ownership of cybersecurity within an international fintech.
- Combine security strategy with concrete and visible execution.
- Work on business-critical electronic trading technology.
- Collaborate closely with experienced technical teams and senior management.
- Contribute directly to Horizon's next stage of cybersecurity maturity.
- Join an international and human-sized organisation where your work can make a real difference.
Requirements
Do you have experience in Security?, * At least five years of hands-on experience in cybersecurity.
- Strong experience in identity, access, infrastructure and network security.
- Good knowledge of Microsoft security environments, particularly Microsoft Entra ID.
- Experience with vulnerability management, penetration testing, monitoring and incident response.
- Ability to define a pragmatic security roadmap and drive remediation actions through to completion.
- Autonomous, pragmatic and action-oriented mindset.
- Professional fluency in English.
- Experience with application security, DevSecOps, business-critical SaaS, financial software or electronic trading environments would be a plus.
Technical Environment
- Microsoft Entra ID and Microsoft end-user environment
- Cloud, on-premise and hybrid infrastructure
- Networks, firewalls, endpoints and servers
- SIEM, EDR, centralised logging and monitoring tools
- Java-based electronic trading platform
- Linux, Docker and CI/CD environments
- Real-time and business-critical systems