CTO & CISO

Loodapay LU S.A.
Municipality of Madrid, Spain
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
Chinese, English, Spanish
Experience level
Intermediate
Compensation
€ 80K

Job location

Municipality of Madrid, Spain

Tech stack

Software System Penetration Testing
Cloud Computing
Cloud Engineering
Computer Security
Information Systems
Payment Systems
Identity and Access Management
Network Security
System Availability
Information Technology
Api Management

Job description

  1. Define and lead the Company's overall technology strategy, systems architecture, and product development roadmap.

  2. Develop, implement and maintain the Company's information security framework, policies and procedures in line with ISO 27001 and applicable regulatory standards.

  3. Ensure the Company's ICT systems and digital operational resilience comply with Regulation (EU) 2022/2554 (DORA), including ICT risk management, incident classification and reporting, resilience testing, and ICT third-party risk oversight.

  4. Oversee access controls, encryption, incident response procedures, and data protection measures across all information systems.

  5. Ensure compliance with data protection requirements under the GDPR and the Spanish Ley Orgánica 3/2018 (LOPDGDD).

  6. Manage the Company's cloud infrastructure, payment processing systems, and API integrations, ensuring high availability, scalability and resilience.

  7. Coordinate with third-party technology and outsourcing providers, ensuring outsourced services meet security, confidentiality and Banco de España outsourcing requirements.

  8. Conduct regular risk assessments, vulnerability analyses and penetration testing of systems and networks, and lead remediation efforts.

  9. Provide IT security training and awareness to employees.

  10. Report on technology strategy, ICT risk and security incidents to senior management, the Board and, where applicable, the Banco de España.

Requirements

  1. Bachelor's or Master's degree in Computer Science, Engineering, Information Security or a related discipline.

  2. Minimum 5 years of experience in technology leadership roles, with at least 3 years in information security, preferably within financial services or fintech in Europe.

  3. Professional certification such as CISSP, CISM, or ISO 27001 Lead Implementer preferred.

  4. Strong knowledge of DORA, network security, cloud architecture, encryption and access management.

  5. Proven experience building and scaling technology teams and payment platforms.

  6. Fluency in Spanish and English, Mandarin Chinese is a plus.

Apply for this position