Chief Information Security Officer (CISO)
Introduction
Here at Fnality, we are powering the future of finance, together: combining best in class technology with free-flowing creativity, and expertise that can make business better for everyone. There are no precedents for what we’re doing. With you on our side, we’ll be setting new ones every day.
In a complex world, we are here to bring clarity and make positive change. Fnality Services is central to each Fnality Payment System’s (FnPS) effective and resilient operation and provides an efficient common service platform for the secure global delivery of settlement operations.
Position Summary
The CISO is responsible for facilitating the security of the Fnality group of companies' information assets and IT infrastructure. As the leader of the information security team, you will be responsible for developing and implementing a comprehensive security strategy for the organisation. This includes managing risk, assessing vulnerabilities, and implementing security controls and processes.
You will have an in-depth understanding of information security principles and practices, including risk analysis, threat intelligence, penetration testing, and incident response. You should also have a strong technical background, with experience in network and application security, secure code development, and system hardening.
You will also have excellent interpersonal and communication skills, as you will be responsible for engaging with internal and external stakeholders.
This is a great chance to join an exciting company and make a real difference to the organisation’s security posture. You will be given the opportunity to shape the security strategy, and to have direct and immediate impact on the security of the organisation.
Role & Responsibilities
- Lead the cyber security strategy for the Fnality group of companies in alignment with the group's CIO/CTOs and governance forums
- Definition of security strategy; direction and oversight of the security programme; point of internal and external escalation; input into business priorities and decision making
- Develop and manage Fnality’s overall approach to data security, privacy, and information protection.
- Plan, analyse, design, test, deploy, and maintain Fnality’s information security infrastructure responsive to business requirements and applicable regulations.
- Align standards, frameworks and security with overall business and technology strategy
- Ensuring all security, data and information processes, standards, and policies are up to date and fit for purpose
- Provide formal assurance to internal Fnality group companies and external stakeholders (e.g. shareholders, central banks, regulators, etc.)
- Oversee assurance and compliance with certifications/attestations (e.g. SWIFT, CHAPS, ISO, Cyber Essentials, etc.)
- Designs security architecture elements to mitigate threats as they emerge
- Audits the collection, use and retention of all personal data within the Fnality group of companies and wider payment ecosystem
- Design and operate an effective approach to measuring the effectiveness of the ISMS framework
- Acts as a subject matter expert on data security for projects looking to implement new tools, products, or processes
- Leads and facilitates organisational training and communications around data security and information protection issues
- Leads cyber security related incident management and response planning as well as the investigation of security breaches, and assists with disciplinary and legal matters associated with such breaches as necessary
Skills And Experience
- Experience working to Cyber Essentials guidelines, and Cyber Essentials Plus verification
- Experience of working within NIST frameworks (800-53; 800-171; 800-30)
- Experience working to ISO 27001 accreditation
- Strategic, forward thinking approach with a passion for innovation and change
- Willingness to get involved with a multitude of work and changing priorities in a fast-paced, ambiguous environment
- Comfortable working with limited resources and tight deadlines
- Attention to detail
- Ability to see the bigger picture
Ideally you will have
- Experience adhering to regulatory compliance and information security management frameworks (e.g. ISO 27001, NIST, etc.)
- Possess one or more of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
- Understanding of financial services and relevant regulations and laws.
- Knowledge of and/or interest in blockchain, financial services back-office processes, systems and products
- Nice to have certifications:
  - Certified Ethical Hacker (CEH)
  - CompTIA Security+
  - Certified Information Systems Auditor (CISA)
Why should you join Fnality?
We employ curious individuals who thrive working in a fast-paced and constantly changing environment, who work best when empowered to drive their own work, and who are not afraid to fail fast and learn quicker.
You will be an analytical thinker who is able to look at tasks and understand the most efficient way to achieve the desired outcome. You will be vigilantly outcomes-focussed and fully agile in your approach to working. You will have an insatiable desire to learn, and be adept at picking up new challenges and giving them a go. You will want to deliver as much as learn and you will understand how important the power of the team is.
A bit more about us
Digital transformation is changing our lives, work and businesses. While other sectors evolve, however, financial markets remain slow, fragmented and siloed. What the world needs now is a future-facing financial system for the digital age.
At Fnality, we have been speaking – and listening – to the real users of today’s financial systems. From businesses to banks, there is a clear, collective ambition for a simpler, faster, safer and more resilient payment system; one that can move and settle money quickly and efficiently, with minimised risk and much more transparency.
Fnality Global Payments
We are building a new payment system that will enable tokenised, peer-to-peer markets.
Fnality Global Payments (FnGP) will comprise a series of national systems, each regulated in its home jurisdiction. We call each of these a Fnality Payment System (FnPS).
In each payment system, a Fnality settlement asset will act as the settlement/payment asset for any Payment (P), Delivery vs. Payment (DvP) or payment vs. payment (PvP) need.
FnGP is underpinned by Distributed Ledger Technology (DLT). The nature of DLT is such that it enables FnGP to:
- Operate a true peer-to-peer market
- Allow for immediate settlement
- Interoperate across business platforms and jurisdictions
The key benefits of the above are:
- Reduced counter-party and credit risk
- Reduced operational risk
- Efficient liquidity management
- An ability to move resources from risk mitigation to business growth
How will we use the information about you?
We will use your personal information to process your application, to enable us to assess your suitability for a role and for other legitimate business purposes such as improving our sites and talent management practices. We may share your data with third parties to achieve these purposes. We will not use or share your information for marketing purposes.
We will take appropriate security measures to safeguard your information in accordance with data protection legislation.
If you would like further information about how your information may be processed by us, please contact us at