
Chief Information Security Officer (CISO) Greece
Nexi Greece
Άγιος Στέφανος
Hybrid
Information Technology
Permanent
Full Time
About the job
The CISO will not only act as the guardian of Nexi Greece’s digital assets but will also serve as a strategic enabler, fostering secure innovation across all digital financial services. They will champion cybersecurity resilience aligned with both Greek regulatory expectations and Group-wide cyber strategy.
About Your Future Role
In this position, you will:
Create and execute a country-specific information security strategy that is consistent with the Group's objectives and goals.
Develop and execute controls to safeguard the organisation's services.
Ensure compliance with all relevant laws, regulations, and contractual obligations that relate to information security, including Bank of Greece mandates, GDPR, and NIS Directive adaptation.
Supervise the implementation of security measures for network security, access management, endpoint protection and cloud security.
Handle security incidents and manage the organisation's incident response plan.
Liaise with the Hellenic Data Protection Authority (HDPA) in case of breaches or audits.
Act as cybersecurity liaison with internal Risk, AML, Fraud and Compliance teams to proactively mitigate threats across digital financial channels.
Deliver regular reports to the board of directors and senior executives regarding the organisation's information security position.
What Makes You a Great Fit
We’re looking for someone eager to make a difference. Here’s what we value:
Relevant Job Experience:
Candidates for this position are expected to bring a proven track record across the following areas of responsibility:
Minimum 8–15 years of progressive experience in cybersecurity, with at least 5 years in a senior leadership or CISO role within Fintech, Paytech, Banking, Telecommunications, or Cybersecurity Consulting industries.
Successfully led the creation and execution of a localized information security strategy aligned with group-wide objectives and business needs.
Directed the implementation and optimization of cybersecurity controls, covering network security, endpoint protection, cloud environments, identity & access management and physical security.
Ensured compliance with national and European regulations, including Bank of Greece directives, GDPR, PSD2, and the NIS Directive.
Managed major security incidents and led the organization's incident response efforts, ensuring minimal disruption and transparent stakeholder communication.
Provided regular risk posture updates and strategic cybersecurity briefings to the board, executive leadership, and regulatory stakeholders.
Acted as the primary point of contact for the Hellenic Data Protection Authority (HDPA) and managed audits, investigations, and reporting procedures.
Collaborated cross-functionally with Risk, AML, Fraud Prevention, IT, and Compliance to ensure alignment on risk mitigation and threat detection.
Championed next-generation security approaches including Zero Trust Architecture, DevSecOps integration, and artificial intelligence (AI) integration in security processes.
Oversaw cybersecurity readiness for digital payments infrastructure, including PCI-DSS compliance, secure software development lifecycle (SDLC), and data encryption standards.
Stayed ahead of evolving threats and technologies, integrating AI-driven cybersecurity tools, real-time threat intelligence, and predictive analytics.
Represented the company in external security forums, banking associations, and information-sharing alliances in Greece and the broader EU.
Essential Qualifications:
Degree in engineering, computer science or similar paths.
Certified in / familiar with leading cyber security standards from the National Institute of Standards and Technology (NIST) and the International Organization for Standardization (ISO).
Certified in / familiar with project management methodologies.
Fluent in Greek and English, with the ability to interface with local teams, authorities, and international stakeholders.
Soft skills required:
Business acumen and knowledge of high-level business operations.
Ability to communicate effectively and transform technological concepts into the business language that other C-suite executives understand.
Strong management and leadership skills.
Ability to stay calm under pressure and respond swiftly to any cyber security breaches.
Bonus Skills:
CISM, CISA, CCSP (Cloud Security), CRISC (Risk), ISO 27001 LA.
Familiarity with DevSecOps, Zero Trust, and other security platforms.