Education & Certifications:
- Degree in Information Security, Computer Science, Engineering or related field
- 2-5 years in cybersecurity
- Certifications preferred: CISSP / CISM / ISO 27001 Lead Implementer, CEH, OSCP or equivalent (advantage)
Regulatory Knowledge:
- Strong understanding of: MiCA (Regulation (EU) 2023/1114), DORA (Digital Operational Resilience Act), EBA ICT & Security Risk Guidelines, ISO 27001 / ISO 27002 frameworks, GDPR (security aspects)
- Experience in fintech, banking, payment institutions or crypto exchanges
Technical Expertise:
- Infrastructure security (cloud & on-prem)
- Secure wallet infrastructure (hot/cold storage segregation)
- Key management & cryptographic controls
- Penetration testing & vulnerability management
- SIEM / SOC setup and monitoring
- Incident response frameworks
Skills:
- Risk-based security design
- Ability to build an ISMS from scratch
- Vendor risk management
- Strong documentation and reporting skills
Personal Qualities:
- Independent decision-maker
- High accountability mindset
- Structured and risk-oriented
- Ability to communicate technical risks to Board level