As the Chief Information Security Officer at INFINIT, you will be the single point of contact for the Board and the CSSF on all ICT, security and operational resilience matters for our CSSF-licensed Payment Institution in Luxembourg. In a rapidly evolving regulatory environment like DORA, CSSF Circular 25/880 and PSD3 in progress, you will design and build a robust, proportionate IT and security governance framework from the ground up, suited to our size and risk profile.
The Group has a clear ambition to expand its services across Europe. As we will passport our licence and establish operations in new EU jurisdictions, this role will carry responsibilities beyond the CSSF perimeter including engagement with local regulators and compliance with jurisdiction-specific ICT and security requirements.
You will also operate within the Group’s existing infrastructure and technology team, coordinating closely with the Group IT function while building the PI’s own regulated governance framework.
In accordance with DORA and CSSF Circular 25/880, this role requires the formal designation of the appointee as the entity’s ICT Risk Management responsible before the CSSF. The incumbent must be able to represent the entity during on-site and remote supervisory reviews conducted by the CSSF.