CISO (Fintech Payments - Part-Time)

! CANDIDATES MUST HAVE AT LEAST 5 YEARS WITHIN IN FINTECH, EMIs OR A REGULATED PAYMENT INSTITUTION !

Due to exciting business growth, a fantastic opportunity has arisen for Chief Information Security Officer to join a leading Fintech Payments company in the heart of London. We are seeking candidates with strong cyber security experience to support the team with managing the service provider, cyber security audits and managing the IT roadmap. You will drive the security, efficiency, and regulatory compliance of our payment platform and IT infrastructure. You will work closely with the CEO, COO, and technology teams to ensure systems meet the highest industry standards. This role is a permanent position with part-time hours of circa 40 hours per month with view for more as business needs grow.

Duties of the Chief Information Security Officer to include:

Fintech & Payments Infrastructure:

• Provide strategic direction for our core payments platform, aligning architecture with business goals.
• Oversee the implementation and maintenance of secure transaction processing systems.
• Ensure adherence to payment security frameworks (PCI DSS, PSD2, SCA).

IT Infrastructure & Vendor Management:

• Lead cloud infrastructure and security strategies.
• Manage relationships with third-party IT service providers, ensuring optimal performance and value.
• Develop and implement robust security protocols, disaster recovery, and business continuity plans.
• Direct internal IT operations, including system maintenance and endpoint security.

Cybersecurity & Risk Management:

• Establish and maintain cybersecurity governance frameworks (ISO 27001, NIST, Cyber Essentials).
• Manage security audits, penetration testing, and vulnerability assessments.
• Develop and implement security roadmaps compliant with FCA, PRA, and payment industry regulations.
• Oversee identity and access management systems.
• Lead incident response and security threat mitigation during cyber incidents.
• Review and approve IT security and data protection policies.

Regulatory & Compliance Support:

• Ensure compliance with FCA and PRA regulations specific to EMIs.
• Oversee the preparation of financial compliance reports (REP 018, REP 020) and IT governance documentation.
• Ensure data protection compliance (GDPR, UK Data Protection Act).
• Coordinate with auditors, security vendors, and cloud platform providers.
• Implement operational resilience measures.

Strategic IT & Security Leadership:

• Align technology strategy with business objectives and growth plans.
• Advise on technology investments, automation, and efficiency improvements.
• Optimize IT budgets while maintaining security and performance.
• Engage with internal and external stakeholders, including company meetings.

Requirements for the successful Chief Information Security Officer:

• Strong technical expertise in cloud security, API security, and DevSecOps.
• 10+ years in senior technology leadership, with 5+ years in fintech, EMIs, or regulated payment institutions.
• Expertise in payment technologies, transaction processing, and financial messaging.
• Experience with FCA & PRA regulatory compliance.
• CISSP, CISM, CISA, or equivalent cybersecurity certifications.
• IT governance frameworks certification (COBIT, ITIL).
• Cloud security certifications.

This vacancy is being advertised by Montpellier Resourcing Associates Limited. The services advertised by Montpellier Resourcing Associates Limited are those of an Employment Agency.