Chief Information Security Officer

Job Description

Job Description

WHO WE ARE

At Trustly, we're building a smarter, faster, and more secure financial future by revolutionizing the world of payments. As a global leader in Open Banking Payments, we are establishing Pay by Bank as the new standard at checkout, providing unparalleled freedom, speed, and ease to millions of consumers and merchants worldwide.

Our Ambition: To build the world’s most disruptive payment network and redefine what the payment experience should feel like.

Trustly is a global team of innovators, collaborators, and doers. If you are driven by a strong sense of purpose and thrive in a dynamic, entrepreneurial, and high-growth environment, join us and be part of a team that’s transforming the way the world pays.

About the team 
The Security & Information Technology organization is the backbone of Trustly’s commitment to global financial trust. We are responsible for architecting a resilient security posture and a seamless, AI-native workplace that enables our global workforce to innovate at speed. Our mission is to protect millions of transactions while ensuring that our internal technology ecosystem is as fast, secure, and disruptive as the payment solutions we build for our merchants and customers.

About the role
Reporting directly to the Global CTO, the Chief Information Security Officer (CISO) & Head of Information Technology will serve as Trustly’s most senior security and internal technology operations executive. This is a dual-scope role: you will own the full information security program - strategy, architecture, risk, and response, while also leading the IT organization that underpins Trustly’s global workforce, including driving our AI productivity journey.

You will be a key voice to the C-suite and a trusted advisor to the Board on all matters related to security posture, cyber risk, and technology resilience. You will operate at the intersection of a high-growth, globally distributed fintech and a fast-evolving regulatory and threat landscape, making decisions that have direct implications for our customers, our partners, and our business.

Information Security Strategy & Program Leadership

• Define and execute Trustly’s global information security strategy, roadmap, and multi-year program, aligned to business objectives and risk appetite.
• Own the enterprise security architecture across cloud infrastructure, payment systems, APIs, and internal applications.
• Build and mature security capabilities spanning identity and access management, threat detection and response, data protection, application security, and vulnerability management.
• Lead and develop a high-performing security team; attract, retain, and grow top security talent across the organization.
• Champion a security-first culture, partnering with Engineering, Product, Legal, and Finance to embed security into every stage of the development and business lifecycle.

Information Technology Organization

• Lead the global IT function, overseeing end-user computing, workplace technology, service desk, network infrastructure, and enterprise systems.
• Drive operational excellence and reliability across IT services for Trustly’s distributed, global workforce.
• Lead our global workforce in productivity improvements centered around AI.
• Own IT vendor relationships and enterprise tool strategy, ensuring cost-effectiveness, scalability, and compliance.
• Oversee IT disaster recovery and business continuity programs, ensuring resilience across critical business systems.

Risk Management & Regulatory Compliance

• Own Trustly’s cybersecurity risk framework, conducting regular assessments and translating technical risk into business terms for executive and Board audiences.
• Ensure compliance with applicable regulatory requirements across all operating jurisdictions, including PCI DSS, SOC 2, GDPR, DORA, ISO 27001, CCPA, and open banking regulations.
• Partner with Legal and Compliance to navigate evolving data privacy and financial services regulations in the U.S., EU, and other markets.
• Lead third-party and vendor risk management, ensuring Trustly’s partner and supply chain ecosystem meets security standards.

Security Operations & Incident Response

• Oversee the Security Operations Center (SOC), threat intelligence, and incident response capabilities, ensuring rapid detection, containment, and recovery.
• Serve as executive incident commander for major security events; manage stakeholder communications, regulatory notifications, and post-incident reviews.
• Continuously improve detection engineering, red team / blue team programs, and tabletop exercise cadences.

Executive Leadership & Board Engagement

• Present security and IT risk posture, program updates, and strategic priorities to the Board of Directors and executive leadership on a regular basis.
• Partner with the CTO, CFO, General Counsel, and other C-suite executives to align security investments with business strategy.
• Represent Trustly externally with regulators, auditors, strategic partners, and industry bodies.

• 15+ years of progressive experience in cybersecurity, with demonstrated breadth across security architecture, risk management, compliance, and security operations.
• Proven track record of building and scaling enterprise security programs in complex, high-growth environments.
• Hands-on experience navigating regulatory frameworks (e.g. PCI DSS, ISO 27001)
• Deep knowledge of cloud security (AWS, GCP, and/or Azure), DevSecOps practices, and modern security tooling.
• Executive presence and communication skills, with the ability to engage a Board of Directors and translate complex technical risk into strategic business terms.
• Experience leading high-performing, geographically distributed teams in a global organization.
• Strong vendor and contract management experience.
• Prior CISO title or equivalent accountabilities at a technology company, financial institution, or regulated fintech.
• Experience managing IT organizations at scale, including enterprise infrastructure, end-user technology, and IT operations.
• Experience at a payments company, open banking platform, or financial services organization operating under multiple regulatory regimes.
• Familiarity with open banking infrastructure, API security, and payment rail security considerations.
• Advanced security certifications such as CISSP, CISM, or CISA.
• Experience with security program build-out and audit readiness.
• Multilingual capability or experience working across U.S., EU, and APAC operating environments is a plus.

Applications for this role are accepted on an ongoing basis.

LOCATION & WORKPLACE
This is a hybrid role based out of our San Francisco or New York hubs. We look for team members to be in the office Tuesday through Thursday.

 
SALARY RANGES IN US-BASED ROLE POSTING
Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Recruiters can share more information with applicants about the specific salary range for preferred locations during the hiring process. Please note that the compensation details listed in US role postings reflect the base salary only and do not include other perks and benefits.

 
WHAT WE OFFER
At Trustly, you will have the chance to solve meaningful challenges alongside some of the brightest minds in FinTech. Together, we are shaping the future of payments in an environment that celebrates curiosity, collaboration, and innovation. You will be challenged and empowered to grow, making a real impact every step of the way.

 
Our team is as diverse as the global footprint we serve, with colleagues across Silicon Valley, the U.S., Canada, Brazil, Europe, and beyond.  At Trustly, we foster a workplace where everyone feels they belong—a place where teamwork thrives, ideas flourish, and we never forget to have fun along the way.

 
We offer innovative perks and benefits packages that include:
- Flexible paid time off & generous PTO accrual plans
- Comprehensive medical, dental, vision, and other insurances
- FSA & HSA plans for medical and dependent care
- Home office set-up allowance
- Internet stipend
- Retirement plan match for 401k and RRSP
- Gender-neutral paid parental leave, and more!
(The benefits and total compensation packages outlined above are for full-time employees; some exclusions apply for temporary positions.)

 
At Trustly, we embrace and celebrate diversity of all forms and the value it brings to our employees and customers. We are proud and committed to being an Equal Opportunity Employer and believe an open and inclusive environment enables people to do their best work.  All decisions regarding hiring, advancement, and any other aspects of employment are made solely on the basis of qualifications, merit, and business need.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.