PPRO helps people to pay and get paid. As one of the fastest-growing Fintech companies in Europe, we have been building industry-leading electronic payment infrastructure for over 10 years.
Our acquiring solution serves payment industry leaders by providing the most efficient access to worldwide alternative payment methods. As an FCA authorised, EU certified e-money institution, we also offer a full range of issuing services for e-money accounts and prepaid VISA® and Mastercard® solutions.
We have offices in London, Munich, Cologne, Gibraltar, Sibiu, Luxembourg, Atlanta and Singapore. Our teams are growing rapidly with a diverse group of more than 30 nationalities, all united in a dynamic culture with a common purpose: to deliver the best possible products and services to our partners and customers. Together we have a desire to succeed, team spirit, high energy, professionalism and a willingness to take on complex challenges and find simple, elegant solutions.
What will be your main mission?
You are technology professional who knows about product delivery, and you are able to apply your deep knowledge of ISMS and privacy rules to ensure successful delivery to the highest standards. You are not just a box checker, but a thought leader in the area of security and privacy. You can communicate equally well with regulators, auditors and engineers, but your heart is in technology development. You will be based in Luxembourg, but your impact will be global.
Who will you be working with? You will be part of our Technology Management Team, which is comprised of our CTO & technology leads for software, infrastructure and operations.You will be working closely together with our product and operations teams to understand customer needs and contribute to product development cycles.Additionally, you will be working closely with our legal and regulatory teams to ensure regulatory compliance across the business for the technology function.You will be the contact person for security and privacy across the business for both internal and external stakeholders.
What will be your main responsibilities?Further develop PPRO’s information security, IT compliance and privacy management programmes in collaboration with the functional teams.Lead and manage third-party audits (e.g. ISAE 3402; PCI DSS) and customer due diligence related to privacy and IT controls.Report to Luxembourg MD & CSSF on matters of security, privacy and IT compliance as part of the regulatory obligations to the CSSF.Maintain risk assessment of security and privacy across PPRO’s products and infrastructure.Assess and approve production changes and/or major releases affecting PPRO’s regulated services.Define, implement and maintain IT policies to meet management and regulatory requirements.Supervise the IT operations for PPRO’s customers, management and control of local IT services.Supervise the performance of outsourced services from IT providers (including intra group companies)..Oversee the management and reporting of any adverse incidents impacting PPRO’s customers and operations.
How your success will be measured? Decrease gaps in PPRO’s security, privacy and IT control programmes while maintaining rapid product delivery.Maintain PPRO’s standing with payment schemes, regulators and customers in regards to security and privacy matters.Third-party security and privacy assessments executed successfully and delivered on time.
QualificationsDeep working knowledge of ISMS (ISO 27001, COBIT, ITIL) as well as GDPR.Project management and communication in English language are essential.Practical application of functional security and privacy within a product development lifecycle.Experience with DevOps, Cloud (AWS) and Agile environments where rapid product delivery is essential to the customer experience.
You must be eligible to live and work in EU.
The information you supply in your application will only be used to shortlist and select for each position you apply for. Your information will be kept in our database according to the Data Protection Act. If you do not wish for your information to be held, please contact us.