Our vision is to create a world where everyone has control over their financial future. Nucoro is the leading technology platform that enables financial institutions to build and scale digital products in savings, investing and wealth.
We are looking for people with big ideas and a walk-the-walk attitude to go with it. We are looking for creative minds that are passionate about digital innovation and excited to change financial services for the better using technology.
To facilitate the next stage of our growth we are looking for an experienced Information Security Officer to join our technical team in Madrid.
The ISO is on a mission to lead different functions inside the security team. The goal is to sustain and enhance effective and scalable security functions inside the information security program, including development and growth of the security team.
The ISO works closely with the CTO, other executives and the information security team to prevent and react to information security incidents, and spread knowledge internally about existing security controls. They are supporting the company’s Information Security Management System and all related policies, procedures as well as maintaining its compliance with standards and supporting its certifications.
- Strong foundation in security concepts, controls, policies and security organisation structures
- Experience implementing and maintaining an ISMS (Information Security Management System)
- Previous experience working in the banking, insurance or FinTech industry
- 5+ years experience in a similar role
- Broad knowledge in common information security management frameworks, such as ISO/IEC 27001, SOC2 and ISAE
- Experience with data protection and privacy (CID management and protection, GDPR implementation)
- Good knowledge in different technology domains such as cloud infrastructure, APIs, data exchange and application architecture
- Experience with incident management, business continuity plans and disaster recovery procedures
- Excellent teamwork, communication and collaboration skills
- Excellent written and verbal technical and personal communication skills in English and Spanish
- Implement and maintain the ISMS of the company
- Lead security certifications (ISO/IEC 27001, SOC2, ISAE, etc.)
- Establish effective security controls, relevant low-level policies, processes and structures
- Enable executives to make informed information security and data protection decisions, in line with acceptable levels of risk and internal/external policies
- Define roles and tools used to manage security within the company
- Allow for greater protection of Nucoro and its clients' assets and limiting exposure to incidents and data protection breaches
- Identify security events and incidents, report on them and contain them to minimise the consequences
- Review security controls and policies regularly and improve controls where required
- Perform regular security tests such as business continuity and disaster recovery tests, periodic security assessments, etc.
- Educate teams on security controls relevant to them, pass on knowledge of security policies, and promote best security practices within the organisation
- Optimise information security processes through monitoring and automation
- Ensure data protection and comprehensive log management
- Provide up to date documentation on security
- Work with JIRA and agile methodologies
Our engineering team is based in Madrid, all operating functions are based in the heart of the City in London. Both environments offer all the flexibility and perks that you expect from a small but quickly growing firm.
At our Madrid location, we treat you to the following:
- Meal allowance
- A breakfast kitchen and fruit during the day
- A budget for your equipment
- Access professional learning resources
- Remote work friendly
- Flexible working hours