
Senior Information Security Officer
CoinsPaidPosted 5/8/2025

Senior Information Security Officer
CoinsPaid
Job Location
Job Summary
CoinsPaid is a leading crypto payment gateway with a strong focus on innovation and growth. As a Senior Information Security Officer, you will be responsible for ensuring the company's information security risk management processes are up-to-date and compliant with industry standards such as ISO27001 and DORA. You will work closely with auditors, create and update processes, and participate in asset management to ensure the company's security posture is robust. With a team of 270 members across 30+ countries, you will have opportunities to collaborate with passionate colleagues and contribute to groundbreaking projects. CoinsPaid offers flexible remote work options, $4,000/year travel stipends, and equity in a fast-growing company. If you are passionate about crypto, fintech, and information security, this role may be for you.
Job Description
Responsibilities:
- Participation in external audits: ISO27001, DORA
- Communication with auditors in terms of explaining process evidence for ISO27001/DORA compliance
- Creation and periodical updating information security risk management approach considering best practices ISO27005, NIST etc.
- Follow up the information security risk management process across the company
- ISMS metrics creation/updating/collecting and communication
- Participation in assets management process creation
- Improving and updating processes needed for compliance with ISO27001 and DORA
- Tickets processing related to vendor onboarding process, new software approval, security due diligence, vulnerability management and other ISO27001/DORA related processes
Requirements:
- Technological education
- Analytical thinking, ability making business conclusions from technical details
- Technical background, understanding cloud technologies (Saas, PaaS, IaaS), basic AWS knowledge, basic understanding of microservice architecture principles, CI/CD and SDLC understanding
- Experience in building information security processes
- Understanding risk-oriented approach
- At least one implemented ISO27001 project from a scratch
- Ability to speak with non-technical colleagues, ability to transform technical risks to business risks and vice versa
- Good communication skills
- Good level of spoken and written English and Russian
Nice to have:
- Actual professional certificates CISSP, CISM, ISO27001 LI/LA
- Work experience in financial institutions or crypto processing