Skip to content

Group Head of Security

  • On-site
    • Limassol, Cyprus
  • IT

Job description

We're partnering with a well-established player in the financial services sector to find an experienced Group Head of Security to lead and shape their security function.

What You'll Be Doing

  • Designing and building security frameworks aligned with ISO 27001, NIST CSF, CIS Controls, and SOC 2, while ensuring ongoing compliance with DORA, EBA Guidelines, and ISO 27001

  • Setting up the governance structure for information security, including policies and risk management processes

  • Defining and tracking security metrics and KPIs, reporting findings to executive leadership

  • Architecting secure network segmentation and perimeter defenses to protect critical infrastructure

  • Partnering with engineering teams to embed security into the SDLC, integrating automated checks (SAST, DAST, SCA, container scanning, and other application security tooling) into CI/CD pipelines

  • Running penetration tests and API security assessments using tools like Kali Linux, Metasploit, and Burp Suite

  • Offering practical, hands-on remediation support that developers can act on directly

What You'll Bring

  • At least two of the following certifications: an offensive security credential (OSCP, OSCE, GPEN, or CEH), a security management credential (CISSP or CISM), a cloud security credential (CCSP, AWS Security Specialty, or Azure Security Engineer), or CISA

  • 8+ years working in information security, including 3+ years in a leadership capacity

  • Essential: background in a regulated financial environment — banking, brokerage, payments, or fintech

  • Direct experience conducting penetration tests and vulnerability assessments

  • A development or DevOps foundation, with real coding experience

  • A track record of rolling out DevSecOps practices and automating security processes

  • Exposure to regulatory audits and compliance reviews

Technical Toolkit

  • Comfortable with offensive security tools such as Kali Linux, Metasploit, Burp Suite, Nmap, Wireshark, and SQLMap

  • Strong Python skills (preferred), or solid proficiency in another programming language

  • Confident scripting in Bash, Zsh, and PowerShell

  • A pragmatic approach to security — balancing protection with business needs

  • Natural collaborator who earns the trust of engineering teams

  • Skilled at communicating technical risk in terms business stakeholders understand

Bonus Points

  • Background working with trading platforms, payment systems, or financial infrastructure

  • Understanding of security considerations around AI, ML, or LLMs

  • Familiarity with MT5, trading APIs, or payment processing systems

On Offer

  • A permanent position within a fast-scaling, international organization

  • Competitive compensation and benefits package

  • Hybrid working model

  • A collaborative, supportive team culture

  • Strong long-term growth and development prospects

On-site
  • Limassol, Cyprus
IT

or