Chief Information Security Officer

Legal & Compliance · Reykjavík, Iceland
Department: Legal & Compliance
Employment Type: Full-Time
Minimum Experience: Experienced

Lucinity is a fintech SaaS startup using Human AI to Make Money Good. Our anti-money laundering (AML) platform helps banks fight financial crime. The company is one of the fastest-growing SaaS startups in Europe and currently serves clients that range from small FinTechs to global incumbent banks. Our team consists of brilliant individuals from various backgrounds located in Reykjavík, New York, London, Stockholm, and Brussels. We enjoy working in an open and inclusive environment. Continuous learning is in our DNA and we celebrate different perspectives to help us grow as a company and as individuals.


Delivering state-of-the-art financial compliance services requires the management of sensitive personal data from banks and financial institutions. To ensure the safety of customer data, Lucinity operates an Information Security Management System (ISMS) and deploys multiple efforts through talent management, development, and deployment, as well as in the daily operations to ensure the security and privacy of this data. The management of Lucinity is committed to preserving the confidentiality, integrity, and availability of all physical and electronic information and information-related assets to meet the purpose and goals of the organization. The company is ISO 27001 certified and SOC-2 compliant and seeks to continuously strengthen its security operations.


As the CISO of Lucinity, you will be responsible for the overall company strategy on security and privacy. You will report to the VP of Legal and Compliance, but you will also be the head of the Security Management Review Board, which includes most of the management team and meets regularly to review and advance the company's security efforts.


The ideal candidate has a strong technical background and multiple years of experience working in application and information security.


Focus:

  • Be the internal and external information security and privacy expert.
  • Provide advice and direction to the management team on security-related matters.
  • Work with prospects, customers, and external agencies on explaining and improving the company's security measures.
  • Work with security vendors on application security, penetration testing, and security training for development teams.
  • Manage and advance the company security accreditations.
  • Develop internal security processes for personnel, systems, and information assets.
  • Continuously improve the company's security measures with tools and training.
  • Make security an integral part of all operations, while at the same time minimizing its impact on productivity. 


Key Qualifications:

  • An excellent understanding of best practices within Information Security and risk management including standards such as ISO/IEC 27001, Cyber Essentials, and SOC-2.
  • An excellent understanding of legislation and regulations that impact information security, e.g. Data Protection Act (2018), Freedom of Information Act, PCI-DSS.
  • At least a CompTIA Security+ certification, preferably a Certified Information Systems Security Professional (CISSP) or similar.
  • An understanding of current and emerging cloud application threats and countermeasures and the organizational challenges to addressing these threats.
  • Experience in the security management of leading cloud platforms, such as Azure, GCP, AWS. 
  • Experience in designing security processes for cloud development, CI/CD workflows, and data pipelines.
  • Practical knowledge of security technologies and wider business solutions including firewalls, IDS/IPS, identity and access management, SIEM, remote working, and other cloud technologies.
  • Enthusiastic about educating and enabling others, and integrating security into all operations.


Additional Nice To Haves:

  • Experience working in a SaaS company, fintech, and/or financial compliance environment.
  • Experience in risk management.
  • Experience in the isms.online platform for information security.


At Lucinity we’re working to ensure a supportive, empowering, and inclusive environment for every member of our team. This is integral to our mission of Making Money Good.
We’re an equal opportunity employer. All applicants will be considered for employment - whatever their identity or background. We look forward to hearing from you.


The application deadline is February 10th, 2022. For more info, please contact Daniel Palmason, VP of Legal & Compliance: daniel@lucinity.com.


Transforming AML creates a tremendous positive impact on society. Money laundering is the crime that fuels crime. That is why we set out on our mission of Making Money Good. 

Do you want to shine a light on dark finance?
