About Baubap

We are a fast-growing, Mexican fintech startup with the mission to become the bridge to people’s financial freedom through technology.

We are providing microloans to people in financial need through a fast and efficient process, always treating them with the respect and dignity they deserve.

Our long-term vision is to be the most inclusive digital bank in LATAM with more than 2.5 million clients.

About your role

As the Head of Information Security, you stand as the pillar of our organization's security architecture. Your leadership will define, sculpt, and drive security strategies and initiatives, ensuring that our platform remains resilient, reliable, and secure. You'll lead our endeavors to gain compliance with top-tier IT security standards, making sure our growing clientele and financial assets remain safeguarded.

Objectives

1. Strategic Security Leadership: Set the direction and roadmap for the information security department, ensuring alignment with our company's business goals and objectives.
2. Holistic Security Oversight: Supervise all organizational security initiatives, ensuring the congruence and optimal effectiveness of different security measures.
3. Stakeholder Collaboration: Work in tandem with key business leaders, understanding their needs, and ensuring security measures to assure business processes are executed in a secure framebox.
4. Security Advocacy: Advocate for a security-first mindset, ensuring all departments understand the value and importance of stringent security practices.
5. Regulatory Compliance and Liaison: Maintain a pulse on the evolving regulatory landscape and ensure that Baubap remains compliant at all times.
6. Budgetary Management: Oversee the information security budget, ensuring effective resource allocation and return on security investments.
7. Reporting and Metrics: Implement security metrics and KPIs to measure the effectiveness of the security program, and provide regular reports to the senior management team on the security status and potential risks.

Responsibilities

1. Visionary Leadership: Craft, maintain, and communicate the security vision, policy, and strategy of the organization.
2. Team Development: Build, lead, mentor, and consolidate the information security team to ensure growth and operational efficiency.
3. Policy Formulation: Develop, revise, and enforce policies, practices, and procedures that ensure data and system security to allow business operations.
4. Risk Management: Identify, evaluate, and prioritize security risks, ensuring an effective mitigation strategy is in place.
5. Stakeholder Collaboration: Engage with business leaders, understand their needs, and embed security into the business fabric.
6. Vendor Management: Assess, select, and manage security vendors, ensuring they meet our organization's security standards.
7. Continuous Improvement: Drive a culture of continuous improvement, ensuring that the security framework evolves with the dynamic threat landscape.
8. Security Awareness and Training: Ensure that every member of the organization is trained and aware of security policies, procedures, and best practices.

• A Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent professional experience.
• A decade of experience in the information security realm, with a significant period in leadership roles.
• Recognized certifications in cybersecurity such as CISSP, CISM, and CCSP.
• Exceptional communication skills with the ability to communicate complex security topics to a diverse audience.
• Demonstrated ability to develop and implement security policies, protocols, and procedures.
• Professional with deep expertise in Mexican financial compliance regulations

Desirable Skills

• Experience implementing Secure Software Development Lifecycles.
• A proven track record in IT governance, risk management, and regulatory compliance.
• Proven experience in the financial sector.

Your skills

• Clear and Transparent Communication. You can articulate your thoughts clearly, concisely and can facilitate technical understanding to non-technical stakeholders.
• Relentless Resourcefulness. You are solution-focused, and known for your creativity and resourcefulness when facing challenges.
• Sense of Urgency. You possess a proactive approach, always pushing forward to achieve desired outcomes.
• Flexibility and Resilience. You maintain your composure and focus amidst changes, adapting swiftly when necessary.
• Self-Driven and Committed. You are motivated and committed to ensuring the success of your team and the business.
• Strategic Thinking. You use data to inform decisions, understanding the deeper implications of certain strategic choices.
• Critical / Analytical Thinking. You can analyze complex issues, identify their root causes, and propose clear, logical action plans.
• Team Player. You understand the importance of collaboration and fostering a positive team culture.
• Team Development. You pride yourself on growing and nurturing high-performing security teams.
• Visionary Leadership. You have the ability to see the bigger picture, set direction, and inspire your team to follow your lead.
• Strong Stakeholder Management. You navigate with ease among stakeholders, ensuring everyone is aligned in their security goals.

What we can offer you

• A significant role in a multinational, highly driven team of professionals.
• A flexible and remote working environment.
• High level of ownership and independence.
• 25 vacation days / year + 75% holiday bonus.
• 1 month (proportional) of Christmas bonus.
• "Vales de despensa" - 3,112 MXN / month.
• Health & Life insurance.
• Home office set-up budget.
• Unlimited budget for Kindle books.
• Baubap Free Loan.
• A competitive salary.