GURU PAY
Chief Information Security Officer
GURU PAY, Lithuania, 2 days ago
Full-time, Remote Friendly, Information Technology

Description

Guru Pay is an EMI based in Lithuania with a goal to deliver a personalised boutique service to B2B/B2C customers. Our team is continuously growing and highly ambitious in delivering high-tier and high-security Payment services.

We are seeking an experienced, strategic Chief Information Security Officer (CISO) to lead the Information Security program at Guru Pay. They will be responsible for ensuring confidentiality, integrity, and availability of our systems, data, and operations across all products and services. To enforce alignment with applicable industry requirements and the required level of Information security, the CISO will continuously work with the Company’s executive team, suppliers, internal and external auditors and regulators.


What will you do:

  • Define and control the implementation of the company’s information security strategy and Information Security Management systems
  • Ensure alignment with applicable information security industry standards (ISO 27001/27701, PCI DSS), frameworks (SOC2), and regulatory requirements and applicable laws (PSD2, GDPR, DORA)
  • Lead implementation of secure-by-design principles and modern defense frameworks in the company’s products and services, both in-house and acquired from 3rd parties
  • Enforce the information security risk management process, including but not limited to identifying, assessing and managing existing risks and controlling the risk remediation process
  • Ensure an effective supplier management process, which involves risk assessment of the company’s suppliers, monitoring, and validation that supplier-implemented controls align with applicable laws and the company’s demands
  • Strengthen the protection of the company’s infrastructure, data and services by defining and controlling the implementation of organizational, technical and physical controls
  • Control and facilitate effective incident management, business continuity, and disaster recovery processes in the company, including evidence gathering, analysis and reporting to the company’s management board and regulators
  • Advise the board and executive team on emerging risks, regulatory trends, and strategic priorities


What we are looking for:

  • 5+ years in a senior Information Security, cybersecurity or ITSEC leadership role within a financial institution
  • Strong knowledge of EU regulatory frameworks, particularly DORA, and ICT-related compliance standards
  • Expertise in risk management, incident handling, and regulatory reporting
  • Full professional fluency in English and Lithuanian
  • Availability to work in Vilnius at least 3 days a week
  • Professional certifications (e.g., CISM, CISSP, ISO 27001 Lead Auditor/Implementer) are highly desirable


What we offer:

  • A starting salary of 6500-8300€ gross monthly, open to a different range depending on experience and recruitment performance
  • 2nd pillar pension fund coverage
  • A day off in your birthday month
  • Learning budget for professional development
  • Hybrid work options between the office in Vilnius (3 days a week) and anywhere you desire
  • Workations, health challenges & other types of quality time


Hiring stages:

  • 60 min online call with the future leader to align expectations
  • 60 min live interview with the future leader and the CEO
