Paynovate

Contract Details

Part-Time: 3 days per week

Contract Type: Independent / Freelance

Start Date: ASAP

Location: Brussels (Hybrid: remote + on-site as required)

About the Company

We are a Brussels-based Fintech specialised in payment solutions for B2B clients, operating in a fast-paced and regulated environment. To support our continued growth and ensure the robustness of our security posture, we are looking for a seasoned Information Security Officer (ISO) to work with us on a part-time basis.

Role Overview

As our Information Security Officer, you will be responsible for leading and overseeing the company’s information security program. You will ensure ongoing compliance with regulatory requirements, PCI standards, and support internal stakeholders in embedding security into operations and product development.

Key Responsibilities

  • Develop, maintain, and enforce the company’s information security policies, procedures, and controls.
  • Oversee compliance with PCI DSS, GDPR, and applicable financial regulations.
  • Act as the primary point of contact for external audits and scheme assessments related to security and compliance.
  • Lead internal risk assessments, vulnerability management, and business impact analyses.
  • Work with internal teams (IT, Product, Operations) to ensure secure design, development, and deployment of systems and processes.
  • Conduct internal security awareness and training sessions as needed.
  • Maintain incident response procedures and support the resolution and reporting of security incidents.
  • Advise senior management on security posture, emerging risks, and required investments.
  • Coordinate with third-party providers, partners, and clients regarding security standards and due diligence processes.

Requirements

  • Proven experience as an Information Security Officer, ideally in a Fintech, Payments, or Financial Services environment.
  • Strong knowledge of PCI DSS, ISO 27001, NIS2, GDPR, and related frameworks.
  • Good understanding of Hardware Security Modules (HSMs) and cryptographic key management practices, especially in a payment processing context.
  • Hands-on experience with risk assessments, internal controls, audit management, and incident handling.
  • Ability to translate regulatory and technical requirements into business-aligned solutions.
  • Strong stakeholder communication skills, especially in reporting to management and regulators.
  • Fluent in English; French and/or Dutch are a plus.
  • Must be based in Belgium and able to work from Brussels office.

%FOOTER_POWERED_BY%breezy