Play a key role in shaping the security strategy of a fast-growing international tech group.

At Netrisk Group, we’re building a centralized Information Security function from the ground up — and we’re looking for a visionary, hands-on leader to drive this transformation. This role goes far beyond operational oversight: it’s a unique opportunity to influence how we secure our platforms, protect customer trust, and embed security into every layer of our organization across six countries.

If you thrive in a dynamic, cross-functional environment and want to leave a lasting mark on a company’s digital future, we’d love to hear from you.

Key Responsibilities:

• Define, own and drive the Group-wide information security strategy, policies and standards (ISO 27001, NIST, GDPR, etc.).
• Continuously benchmark against industry best practices and adapt controls to evolving threats.
• Lead annual and ad-hoc risk assessments across all business units and countries; coordinate remediation plans.
• Oversee compliance with relevant regulations (GDPR, local data protection laws) and manage external audit processes.
• Establish and mature a centralized Security Operations capability (SIEM, vulnerability management, endpoint protection).
• Develop and lead incident response playbooks; act as escalation point for major security incidents and coordinate cross-border investigations.
• Evaluate, onboard and manage security posture of third-party vendors and partners
• Define Third-Party Risk Management framework and conduct regular security reviews.
• Collaborate with IT and Dev teams to review architecture, perform security architecture assessments and validate secure design of new products/features.
• Occasionally roll up your sleeves to prototype security tooling, review code libraries or configure security platforms when deeper technical intervention is needed.
• Serve as the key liaison between Security, IT, Operations, Legal and local country leads to ensure coherent, business-aligned security practices.
• Design and deliver ongoing security awareness and training programs for employees and partners across all regions.

Required Experience and Skills

• Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity or related field.
• Industry certifications preferred (CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor).
• 5 + years in Information Security roles with proven track record of building or scaling security programs in a multi-country environment.
• Prior exposure to technology or digital services companies (SaaS, ecommerce, call center/BPO setups) is a strong advantage.
• Hands-on familiarity with SIEM platforms, vulnerability scanners (e.g. Qualys, Nessus), EDR tools and cloud security controls (AWS/Azure/GCP).
• Solid understanding of secure software development lifecycle (SDLC) and common threat models (OWASP, MITRE ATT&CK).
• Exceptional communication and presentation skills in English, with the ability to translate technical risk into business terms.
• Strong project management capabilities, able to juggle multiple initiatives and stakeholder priorities.
• Demonstrated cultural sensitivity and experience working across diverse teams and regions.