
Head of Security – Compliance
Posted May 24

This is a fully remote position, open to applicants in Romania.
• Assume responsibility for security and compliance at Masabi, establishing clear priorities and operational methods.
• Develop a comprehensive understanding of our current security status and outline a practical strategy for its enhancement over time.
• Identify security and compliance requirements, collaborating closely with Engineering and IT teams to ensure effective implementation.
• Sustain existing compliance with PCI DSS, ISO27001, SOC2, and Cyber Essentials, while spearheading new compliance initiatives for additional standards such as ISO 27017 and ISO 27018.
• Oversee audits from start to finish, including preparation, execution, and follow-up actions.
• Collaborate with Engineering and Product teams to integrate security practices that facilitate project delivery.
• Maintain a clear and actionable risk overview, assisting the business in prioritizing critical issues.
• Develop a more scalable approach to customer assurance, featuring clearer processes and reusable materials for customer and audit inquiries.
• Assist in determining which compliance standards to adopt as we expand.
• Lead and mentor a small team, fostering focus, trust, and shared direction.
• Experience in security and compliance within a payments, fintech, or PCI-regulated environment.
• Strong hands-on expertise with PCI DSS, ISO27001, and SOC2, including experience in preparing for and executing audits.
• Proven history of personally owning and delivering compliance programs, rather than just supervising them.
• Understanding of the connection between security and compliance, and the ability to implement them effectively within a business.
• Experience in a growing or scaling company, with the ability to establish structure and set priorities effectively.
• Comfortable driving initiatives across teams without direct authority and ensuring completion.
• Sound judgment in balancing risk, delivery, and commercial considerations.
• Experience supporting or leading a small team, with a focus on creating clarity and accountability.
• Ability to communicate effectively with both technical and non-technical audiences, helping them understand key issues and necessary actions.
• 25 days of holiday each year, plus a Christmas Shutdown (an additional 3-4 days).
• Premium medical care provided through Regina Maria.
• Access to mental health support.
• Menopause support services available.
• Regular social events, with a monthly allowance for each employee.
• Up to €1000 training budget annually.
• €200 allocated for home office expenses.
• Option to choose your workstation.
• Flexibility to work from any country for up to 3 months each year.