AUTSORSA is a fast-growing company founded and based in Bulgaria that serves clients from all over the world, providing business outsourcing and outstaffing services.
Our mission is to discover talent and inspire it to achieve good results. Our goal is strong results for the needs of our clients and satisfaction in the work of our teams.
Our client is a pioneering crypto exchange and broker-dealer committed to offering secure, innovative, and compliant solutions within the rapidly evolving virtual assets space. Based in the UAE, they operate under the stringent regulations of the Virtual Assets Regulatory Authority (VARA). We seek a dedicated professional to join their team as a combined Chief Information Security Officer (CISO) and Data Protection Officer (DPO) to lead our cybersecurity and data protection efforts.
About the Role:
In this hybrid CISO/DPO role, you will play a pivotal part in safeguarding our systems, data, and customer information. You will develop and implement robust security frameworks, ensure compliance with VARA's cybersecurity and data protection standards, and lead our organization’s efforts to mitigate risks and respond effectively to security threats.
Key Responsibilities:
Cybersecurity Leadership (CISO Responsibilities):
- Framework Development: Design and implement a comprehensive cybersecurity framework, including policies, procedures, and standards to protect systems and data.
- Risk Management: Conduct regular risk assessments to identify vulnerabilities and mitigate threats.
- Security Controls: Oversee the deployment and maintenance of security measures such as firewalls, intrusion detection systems, encryption, and access controls.
- Incident Response: Develop and manage a detailed incident response plan to address security breaches promptly and effectively.
- Compliance: Ensure compliance with VARA's cybersecurity regulations and provide regular updates to management.
- Threat Intelligence: Monitor emerging cybersecurity risks and proactively address potential vulnerabilities.
Data Protection Leadership (DPO Responsibilities):
- Compliance Oversight: Ensure all data processing activities comply with VARA regulations and applicable data protection laws.
- Advisory Role: Provide expert guidance on data protection principles, best practices, and compliance requirements.
- Training & Awareness: Educate employees and management about cybersecurity and data protection principles.
- Incident Management: Serve as the point of contact for data breach notifications and manage responses effectively.
- Data Subject Rights: Address data subject access requests and handle complaints related to data protection.
- Regulatory Liaison: Act as the primary contact for VARA and other regulatory authorities on data protection and cybersecurity matters.
Qualifications:
- Education: Bachelor’s degree in Computer Science, Cybersecurity, Law, or a related field.
- Experience: At least 5 years of experience in cybersecurity and data protection, preferably in financial services or cryptocurrency.
- Technical Expertise: Strong understanding of network security, cryptography, data protection principles, and security tools.
- Regulatory Knowledge: Comprehensive understanding of VARA-UAE regulations and other relevant data protection frameworks.
- Certifications (Preferred): CISSP, CISM, CISA, GDPR Certification, or equivalent.
- Skills: Excellent analytical, problem-solving, and communication skills. Strong leadership and the ability to foster a security-conscious culture.
Why Join Us?
- Competitive salary and benefits package.
- Opportunities for professional growth in a cutting-edge industry.
- Opportunity to earn equity as part of our commitment to rewarding long-term contributions.
- Collaborative and innovative work environment.
- A chance to shape the security and data protection landscape of a leading crypto broker-dealer in the UAE.
By applying to this advertisement, you voluntarily provide your personal data and consent to their processing for the purposes of recruitment. The processing of your personal data is carried out in full compliance with the requirements of Regulation (EU) 2016/679 (General Data Protection Regulation), the Personal Data Protection Act and all other applicable regulations.
License for the selection of personnel from the Employment Agency No. 3484 of 08.03.2023 and No. 3485 of 08.03.2023 for the EU.