Head of Security Risk and Compliance

We are looking for a Head of Security Risk and Compliance in our Team

Security Policy & Controls

• Lead a full rebuild of existing security policies to align with industry best practices and regulatory requirements

• Design and implement security controls across all relevant business units and functions

• Maintain and continuously improve the organization's security governance framework

• Develop and manage risk registers, control libraries, and compliance documentation

Security Certifications

• Own and drive key security certification programs including ISO 27001, BSP regulatory requirements, and other applicable frameworks

• Manage all audit preparation, evidence collection, and remediation activities across certifications

• Serve as the primary point of contact for external auditors, certification bodies, and regulators

PCI DSS (Immediate Priority)

• Lead the end-to-end PCI DSS certification process, from initial scoping and gap assessment through to successful attestation

• Coordinate cross-functionally with IT, engineering, finance, and operations to ensure full compliance readiness

• Manage QSA relationships and oversee all remediation efforts

• Maintain ongoing PCI DSS compliance post-certification, including periodic reviews and control monitoring

Team Leadership

• Lead, mentor, and develop the existing security compliance team

• Define team goals, manage workload prioritization, and conduct performance reviews

• Build a culture of accountability and continuous improvement within the function

• Collaborate with senior leadership to align security compliance priorities with business objectives