Security & Compliance Manager leading Tagup’s security and compliance efforts in defense technology. Engaging in national security initiatives and driving compliance with federal standards.
PC
Hybrid Head of Operational Risk, Information Security
Posted 5 months ago
About the role
- Head of Operational Risk & Information Security at Pliant responsible for compliance with risk management frameworks. Leading a team to enhance operational resilience and information security governance.
Responsibilities
- Lead the development and continuous improvement of Pliant’s Operational Risk and Information Security Frameworks
- Maintain governance, control, and reporting structures aligned with Pliant Oy’s EMI obligations and group-wide needs
- Act as the 2nd Line of Defence lead, providing independent oversight, assurance, and challenge across all entities
- Manage and mentor a team of risk and IT security specialists
- Advise senior management, the Risk Committee, and the Board on operational resilience and ICT/security risk
- Own the enterprise-wide incident management framework covering ICT and non-ICT incidents
- Maintain a consistent incident classification, escalation, and reporting structure across jurisdictions
- Lead post-incident reviews and root cause analyses
- Ensure compliance with major incident notification obligations under PSD2 and DORA
- Maintain and enhance Pliant’s Information Security Management System (ISMS)
- Develop and enforce information security policies and controls that support business goals and regulatory requirements
- Oversee cyber incident detection, analysis, and response
- Coordinate Business Continuity Management (BCM) across the group
- Conduct and maintain Business Impact Analyses (BIAs)
- Oversee the outsourcing and third-party risk management framework in line with EBA Guidelines
- Serve as the primary point of contact for operational risk and information security matters with regulatory bodies
Requirements
- Bachelor’s or Master’s degree in Information Security, Risk Management, Computer Science, or a related discipline
- 5+ years of experience in operational risk, ICT risk, or information security management, ideally within financial services, fintech, or EMI
- Demonstrated experience implementing or managing ISO 27001, SOC 2, and PCI DSS frameworks
- Strong knowledge of EBA, DORA, and PSD2 operational and ICT risk requirements
- Proven ability to lead a small team and engage effectively across Technology, Operations, and Compliance functions
- Excellent communication, stakeholder management, and presentation skills at all levels.
Benefits
- Attractive remuneration
- Flexibility and possibility to work remotely
- Company card with a monthly allowance for lunches, coffee, etc. with co-workers
- Opportunity to develop your talent in a dynamic team with ambitious goals
- Flat hierarchy and transparent communication in a relaxed, professional atmosphere
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Security Researcher specializing in Windows and macOS threat detection for an AI - powered security platform. Conducting research and developing detections for threats, malware, and vulnerabilities.
Information Security Specialist supporting operational execution of ISMS lifecycle tasks in Budapest. Collaborating with stakeholders for risk assessment and management activities.
Information Security Specialist responsible for ISMS lifecycle tasks at ALDI. Collaborating with stakeholders on risk assessment and treatment activities while ensuring effective governance.
Client Security Manager at Atos delivering security requirements for clients and supporting Information Security strategies. Engaging with client security organizations and managing security incidents and compliance.
Security Engineer providing application security guidance for YUM! e - commerce and mobile apps. Collaborate with teams to identify and remediate security vulnerabilities effectively in various applications.
Information Security Officer responsible for cybersecurity strategies and compliance in an IT service provider for food and beverage industry. Developing security standards, managing incidents, and collaborating with leadership.
Senior Security Engineer responsible for implementing security systems and conducting incident response at Emburse. Collaborating with teams to identify and mitigate security threats.
Cybersecurity Engineer guiding systems through the Risk Management Framework at Skyward Federal. Ensuring compliance with DoD cybersecurity requirements and maintaining secure technologies.
Cybersecurity Intern at Thndr. Gain hands - on experience in securing cloud - native infrastructure and applications while collaborating with senior security engineers.