Information Security Officer (ISO)

Mellon Technologies, the parent company of Mellon Group of Companies, was founded in 1994 in Athens. Our offering consists of specialized technology solutions, contact centre and business process outsourcing services, to serve the increasing needs of financial institutions and organizations with strong consumer transactions business, such as Retail Banks, Public Utilities, Telecommunications Providers and large Private Companies.

Mellon Technologies seeks to hire an Information Security Officer (ISO).

Key Duties and Responsibilities:

• Develop and Implement Security Strategies
• Design and manage the overall security strategy for the organization, aligning it with business goals.
• Implement security controls and tools to protect company data and systems from external and internal threats.

Risk Management:

• Perform regular risk assessments and vulnerability scans.
• Identify potential threats and risks and recommend mitigations.
• Develop business continuity and disaster recovery plans.

Security Policies and Procedures:

• Create, update, and enforce security policies, guidelines, and procedures.
• Ensure compliance with relevant security regulations (e.g., GDPR, PCI DSS, , ISO 27001, NIST, DORA).

Incident Management:

• Lead investigations and responses to security breaches and incidents.
• Coordinate the development of response plans for cybersecurity incidents and work closely with IT and legal department on remediation efforts.

Security Awareness and Training:

• Provide regular security awareness training for staff to educate them about security risks and best practices.
• Conduct security audits to ensure compliance with policies and identify areas for improvement.

Compliance and Auditing:

• Ensure compliance with legal, regulatory, and contractual obligations related to information security.
• Manage security audits and work with internal or external auditors to address any identified weaknesses.

 Monitor and Review Systems:

• Monitor network traffic, system logs, and other security-related activities to detect and prevent unauthorized access or threats.
• Conduct periodic reviews of security measures and recommend improvements.

Vendor and Third-Party Management:

• Review third-party vendors to ensure their security practices meet company standards.
• Maintain a strong security posture across partnerships, and external services.

Collaboration with IT and Other Departments:

• Work closely with IT departments and other business units to ensure information security measures are integrated into day-to-day operations.
• Advise the executive team on potential security risks and necessary investments in security technologies.

Security Audits and Assessments:

• Oversee penetration testing, vulnerability assessments, and other security testing initiatives.
• Evaluate and recommend security products and solutions for enhanced protection.

Requirements

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related field. A Master's degree is a plus.
• CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager)., CEH (Certified Ethical Hacker) or other relevant security certifications.
• 5+ years of experience in IT security or information security management.
• Proven track record of managing security for medium to large organizations.
• Strong knowledge of security frameworks (e.g., ISO 27001, NIST, PCI DSS).
• Experience with firewalls, IDS/IPS systems, antivirus software, encryption technologies, etc.
• Hands-on experience with risk assessments and compliance audits.
• Strong problem-solving skills with the ability to quickly assess threats and vulnerabilities.
• Experience with security tools like SIEM, IDS/IPS, DLP, etc.
• Ability to influence stakeholders and communicate complex security concepts to non-technical audiences.
• Strong organizational and time management skills.

Benefits

• Opportunities to evolve into an international hyper-technological working environment
• Multicultural and excellent working environment
• Leading-edge technology
• Continuous training