Program Security Representative providing multi - discipline security support for Special Access Programs. Ensuring compliance, developing policies, and conducting security assessments in a military context.
PC
Hybrid Head of Operational Risk, Information Security
Posted 2 months ago
About the role
- Head of Operational Risk & Information Security at Pliant responsible for compliance with risk management frameworks. Leading a team to enhance operational resilience and information security governance.
Responsibilities
- Lead the development and continuous improvement of Pliant’s Operational Risk and Information Security Frameworks
- Maintain governance, control, and reporting structures aligned with Pliant Oy’s EMI obligations and group-wide needs
- Act as the 2nd Line of Defence lead, providing independent oversight, assurance, and challenge across all entities
- Manage and mentor a team of risk and IT security specialists
- Advise senior management, the Risk Committee, and the Board on operational resilience and ICT/security risk
- Own the enterprise-wide incident management framework covering ICT and non-ICT incidents
- Maintain a consistent incident classification, escalation, and reporting structure across jurisdictions
- Lead post-incident reviews and root cause analyses
- Ensure compliance with major incident notification obligations under PSD2 and DORA
- Maintain and enhance Pliant’s Information Security Management System (ISMS)
- Develop and enforce information security policies and controls that support business goals and regulatory requirements
- Oversee cyber incident detection, analysis, and response
- Coordinate Business Continuity Management (BCM) across the group
- Conduct and maintain Business Impact Analyses (BIAs)
- Oversee the outsourcing and third-party risk management framework in line with EBA Guidelines
- Serve as the primary point of contact for operational risk and information security matters with regulatory bodies
Requirements
- Bachelor’s or Master’s degree in Information Security, Risk Management, Computer Science, or a related discipline
- 5+ years of experience in operational risk, ICT risk, or information security management, ideally within financial services, fintech, or EMI
- Demonstrated experience implementing or managing ISO 27001, SOC 2, and PCI DSS frameworks
- Strong knowledge of EBA, DORA, and PSD2 operational and ICT risk requirements
- Proven ability to lead a small team and engage effectively across Technology, Operations, and Compliance functions
- Excellent communication, stakeholder management, and presentation skills at all levels.
Benefits
- Attractive remuneration
- Flexibility and possibility to work remotely
- Company card with a monthly allowance for lunches, coffee, etc. with co-workers
- Opportunity to develop your talent in a dynamic team with ambitious goals
- Flat hierarchy and transparent communication in a relaxed, professional atmosphere
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Information Systems Security Officer managing operational security posture for information systems at GDIT. Collaborating closely with ISSM and ISO, handling security aspects, and ensuring compliance with security standards.
Senior Cyber Security Project Manager at Airbus Protect managing medium complexity projects in Cyber Security Consulting. Focusing on project leadership and team management in diverse client settings.
Security Architect responsible for designing cloud security architectures for leading brands. Ensuring compliance and guiding incident response strategies in AWS environments.
Senior Security Consultant for ISMS Management at Bundesdruckerei GmbH in Berlin. Responsible for security analysis, management, and advisory roles on cybersecurity issues.
IT - Systemadministrator managing Video Surveillance and Alarm Systems at Mühlbauer. Supporting technical solutions for multimedia and conference systems with project involvement and ticket handling.
AI Application Security Architect in charge of driving secure development lifecycle for AI systems across multi - cloud environments and hybrid platforms.
Security Project Manager responsible for managing cyber - security project delivery and ensuring quality execution in Bulgaria. Requires excellent communication skills and fluency in English.
Information Security professional managing governance, audit, and compliance in banking domain. Collaborating across teams to enhance security posture and control effectiveness.
IT Security Manager providing operational leadership for ICBC’s IT security program. Enhancing cyber security practices and managing security initiatives in a dynamic, hybrid cloud environment.