Director of Security and Compliance

Friday, February 21, 2025

Direct Hire

Remote, USA, United States

Position Purpose and Impact

The Associate Director, Security and Compliance will lead our organization's strategic development and implementation of robust security programs and compliance frameworks. In this pivotal role, you will drive initiatives that safeguard our digital assets and ensure adherence to regulatory and industry standards. By collaborating with cross-functional teams, you will design and refine risk management processes, oversee internal and external audits, and champion best practices in IT security. Your leadership will be essential in cultivating a culture of proactive security awareness, enabling our company to innovate confidently while protecting sensitive information and maintaining customer trust.

Responsibilities

  • Strategic Leadership: Develop and execute the overall IT security and compliance strategy in alignment with business objectives and regulatory requirements.
  • Policy Development: Create, implement, and maintain comprehensive security policies, procedures, and frameworks that adhere to industry best practices.
  • Risk Management: Oversee the identification, assessment, and mitigation of IT security risks, including the execution of vulnerability assessments and threat analyses.
  • Audit Oversight: Manage internal and external security audits, ensuring timely remediation of any identified gaps or vulnerabilities.
  • Incident Response: Lead the development and execution of incident response and disaster recovery plans, coordinating with cross-functional teams to minimize the impact of security breaches.
  • Team Leadership: Mentor, manage, and develop a high-performing IT security and compliance team, promoting continuous learning and adherence to best practices.
  • Vendor Management: Oversee vendor risk assessments and ensure that third-party service providers comply with established security and compliance standards.
  • Regulatory Liaison: Serve as the primary point of contact for regulatory bodies and auditors, maintaining transparent communication and thorough documentation of compliance efforts.
  • Continuous Improvement: Monitor emerging security trends and regulatory changes, proactively updating policies and procedures to enhance the organization's security posture.
  • Reporting & Metrics: Provide regular reports and strategic insights to senior leadership on key security metrics, risk assessments, and compliance initiatives.

Desired Qualifications

  • Strong strategic thinking and analytical skills, with the ability to translate business objectives into technical solutions.
  • Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and influence key stakeholders.
  • Demonstrated ability to attract, retain, and develop top talent, fostering a culture of innovation and continuous improvement.
  • Proven efficiency in collaborating with cross-functional teams to define project requirements, scope, and priorities.
  • Experience with Microsoft Entra and Active Directory.

Desired Education and Experience

  • Bachelor’s degree in computer science, information systems, or related discipline.
  • Minimum 5 years of senior management experience leading large-scale technology initiatives.
  • 5 years of proven experience in team management, including onshore and offshore teams.
  • Experience working in medium to large-sized teams within financial institutions, payment processors, or fintech companies.
  • Familiarity with regulatory frameworks such as PCI DSS, GDPR, or relevant financial regulations.
  • Experience operating within the financial industry, particularly in sectors handling credit card transactions.

 
