Information Security Officer
Luxembourg
Technology – Information Security: Regulatory / Permanent - full time / Hybrid
At PPRO, our mission is to simplify access to local payment methods and our vision is to enable the sale of goods and services to anyone in the world using their preferred way to pay. We empower partners such as Ant Group, PayPal and Stripe to access new markets, connect with more customers, and accelerate their growth.
Our strength lies in our diverse global team, with 50+ nationalities and 10+ international locations, all united around one goal: to deliver the best possible products and services to our partners and customers. While our company mission is to keep innovating global commerce, our internal mission is to #chooseaction, #beopen, #thinkcustomer, #gofurther and #wintogether.
The Purpose:
Step into a critical role within our expanding Governance, Risk and Compliance (GRC) team, where you'll be at the forefront of securing PPRO and our customers across the dynamic payments ecosystem. We're looking for an Information Security Officer who's not just about ticking boxes, and who's excited about driving innovative security solutions and shaping the future of compliance.
PPRO is a cloud-native FinTech trailblazer, operating cutting-edge payment services hosted in the Cloud. Our GRC team acts as a vital second line of defence, owning and overseeing security policies, risk management and compliance with stringent regulatory demands. You’ll thrive in an exhilarating, fast-paced environment, leading advancements in how we manage security through automation, engineering principles, and the responsible integration of Artificial Intelligence. You’ll have a high degree of autonomy to demonstrate your technical expertise, influence and lead on security matters.
Your impact in this role:
- Engineering-led compliance: drive the adoption of "compliance as code" principles to automate and streamline security and compliance processes.
- Risk management: identify, assess, and manage security risks through comprehensive risk assessments, using a proactive and data-driven approach.
- Policy design: contribute to the creation and implementation of pragmatic, effective, and efficient security policies that align with our business objectives and leading industry practices.
- Regulatory oversight: ensure we stay ahead of the curve with applicable laws, regulations, and standards, particularly SOC2, PCI DSS, ISO 27001, DORA, GDPR, and other relevant financial and data protection regulations.
- Security evangelist: Foster a strong culture of security awareness across the organisation, delivering engaging training and promoting accountability.
- Collaboration champion: partner with technology teams to embed security into system designs and implementations from the outset, supporting the security and resilience of PPRO’s services and organisation.
- Audit and integrity: participate in internal and external audits, interact with suppliers and customers, continuously enhancing our security posture.
- AI security advocate: support the secure and compliant adoption of AI technologies within PPRO. This includes assessing AI-related risks, developing security controls for AI systems, and ensuring AI initiatives comply with relevant regulations (such as GDPR and future AI-specific regulations).
- Mentorship and guidance: Provide guidance and mentorship to junior team members and peers across the business, sharing your knowledge and experience.
- Innovation and continuous improvement: continuously identify opportunities to improve processes, tools, and methodologies, driving efficiency and effectiveness, and stay abreast of emerging technologies like AI and their security implications.
What would make you a great fit:
- Technical expertise: a Computer Science Degree and/or an engineering background is a must.
- Security expertise: Proven experience in security management, risk assessment, and compliance, with at least 5 years in a dedicated security role.
- Regulatory savvy: deep understanding of regulatory frameworks (CSSF/EBA, DORA, ISO 27001) and industry standards (GDPR, PCI DSS).
- AI awareness: Understanding of AI technologies and their potential security and compliance implications.
- Certifications: Professional certifications such as CISSP, CISM, or CISA are highly preferred.
- Communication skills: Excellent written and spoken English, with the ability to communicate complex issues effectively to a wide range of stakeholders.
- People skills: Strong interpersonal skills and a commitment to fostering an inclusive and collaborative culture.
- Mindset: Curiosity, a growth mindset, and a relentless commitment to continuous learning and innovation.
Nice-to-haves:
- Cloud-native experience: Hands-on experience identifying, managing, and mitigating security risks in a cloud-native environment (AWS, GCP, Azure).
- Technical acumen: Solid understanding of Kubernetes, Networking, Operating Systems, and DevSecOps practices.
- FinTech knowledge: Familiarity with banking/payments, software development, and the FinTech industry.
- AI/Machine Learning knowledge: Basic understanding of AI/ML principles and their application in a business context.
What's in it for you?
Hybrid working - We offer a hybrid structure with an expectation of 3 days / week on site, so you can strike the balance between office and home working. In addition to our 30-day holiday allowance, we also provide a work from abroad policy, enabling employees to work remotely for up to another 30 days per year.
Lunch Vouchers - 12,80 euros x 18 / month - Enjoy a moment of conviviality and a good, balanced meal thanks to your Lunch Pass.
Enhanced Family Leave - We understand the importance of family - that's why we offer enhanced family leave to support you during key life moments.
Travel Insurance - because better safe than sorry - the travel insurance covers (partially, with certain excess amounts): sickness, costs related to cancellation or interruption of a trip, luggage and accident.
Professional and personal development - We provide leadership cafes, on-the-job training, and access to LinkedIn Learning to help you gain knowledge beyond your role. We also offer French language courses to our employees who are not native speakers.
Gym membership - PPRO helps contribute towards the costs of your gym membership, supporting your physical fitness journey while easing the burden on your wallet.
Mental Health Platform - We’ve teamed up with a top well-being platform to provide one-on-one therapy, chat therapy, therapist-led courses, guided meditations, and more.
Our office - Located in Hollerich, two steps away from the Bouillon P+R and easily accessible by public transport, our office is well equipped and is set up to foster team engagement and collaboration. Within walking distance of restaurants and bars, you are guaranteed to enjoy your lunches and afterworks.
Our Principles:
We get things done: We are courageous; we take ownership, make decisions and get things done.
We act with trust and integrity: We listen first and challenge respectfully. We seek out and leverage diverse perspectives. We welcome and offer honest and open feedback, always assuming positive intent.
We put the customer first: We are laser focused on delivering outstanding outcomes for our customers. We put the customer at the heart of what we do.
We make things better: We boldly explore new ideas and have an unwavering commitment to continuous improvement.
We work as a team: We collaborate closely and value team success over individual achievement.