Clip is changing the way payments work in Mexico! We are empowering people to exchange value directly from a mobile device. Clip enables anyone to accept card payments, at any time, and any where by turning your smartphone or tablet into a card terminal.
We empower people to exchange value!
So we want YOU to turn the ordinary into the EXTRAORDINARY!
She/He will be the responsible for the definition, establishment ,implementation and continuous evaluation of the Information Security Management Systems (ISMS) strategy, policies and procedures according to best practices standards (ISO 27001, ISO 27002) and compliance frameworks (PCI DSS), development and management of Cyber security strategy (NIST CSF, ISO 27032), implementation of best practice security guidelines (SANS, CIS), and security governance for cloud environments (Cloud Security Alliance , ISO27017) and data protection in line with Clip ́s information security enterprise strategy.
o Bachelor's degree Telecommunication, Cybernetics, Electronics, IT or equivalent
o +5 years of experience over Information security governance, management of cybersecurity programs, and
compliance with PCI DSS and other regulatory frameworks for financial sector.
o +2 years of experience implementing security over devops and cloud services.
o +2 Experience with AWS security architecture and compliance, certification for AWS security is a plus
o Keep in good standing one Security certification from recognized institutions: ISC2, ISACA, CSA, GIAC,
SANS, ISO, PCI.
o +1 year of Experience in fintech, payments or financial industry is required.
• Expert knowledge and experience specific to enterprise information security technologies, tools and services for (Cloud, IT Infrastructure, Networks, Applications, mobile and endpoint.) cybersecurity and data protection.
• Strong hand-on knowledge of industry standards and frameworks (ISO 27001 and ISO 27001, NIST CSF, ISO27032, CSA, etc.), best practices (OWASP, SANS, CIS) and regulations (PCI DSS, GDPR, Cyber Security ISO27032, etc.)
• 2 years of experience implementing and enforcing Security compliance for cloud environments using proprietary and specialized tools for AWS.
• 2 years of experience implementing security governance procedures and tools for enforce security over software development lifecycle , working on a devops performing culture and cloud infrastructure environments
• 2 years of experience performing several assessments and analysis of security posture and using different frameworks ISO 27005 , NIST , OCTAVE
• 2 years of experience performing different security posture and Vulnerability assessments using automatic or manual tools, bases on security assurance techniques and best practices.
• Good Knowledge applying the different PCI Council standard portfolio like PCI DSS, PA DSS, PCI PIN, over services, technology.