Created in 2013, Lydia quickly became the reference for payment between friends. The French fintech has gained great notoriety for this feature and now has more than 7 million users.In recent years, Lydia has developed other services - pot, current account, common account, savings, credit, investment... to become the daily and complete payment application for millions of French people.

With 250 employees based in Paris, Nantes, Bordeaux and Lyon, Lydia has set itself the task of changing the codes of the bank by offering all the essential services to manage your money on a daily basis through a simple, accessible and enjoyable customer experience.

As our CISO, you will play a pivotal role in ensuring the security and protection of our customers' financial data and the integrity of our technology infrastructure. You will have the opportunity to shape our cybersecurity strategy, develop robust security policies and procedures, and lead a team of talented professionals dedicated to safeguarding our organization.

What you will do :

- Develop and execute a comprehensive cybersecurity strategy to protect our organization against evolving threats and risks.

- Define and implement security policies, standards, and best practices to ensure compliance with industry regulations and maintain the highest level of security.

- Oversee the design and implementation of secure systems and infrastructure, including cloud-based solutions, ensuring resilience, availability, and scalability.

- Manage and lead a team of cybersecurity experts, providing guidance, mentorship, and support in achieving organizational goals.

- Manage Internal IT: Provide leadership and guidance to internal IT teams responsible for managing the organization's technology infrastructure. Collaborate with IT leaders to ensure that security controls are integrated into systems, networks, and applications.

- Conduct regular security assessments, vulnerability scans, and penetration testing to identify and address potential vulnerabilities.

- Collaborate with cross-functional teams to integrate security practices throughout the development lifecycle and promote a culture of security awareness.

- Stay up to date with the latest cybersecurity trends, technologies, and regulatory requirements, and apply them to enhance our security posture.

- Act as the primary point of contact for all security incidents, conducting investigations, implementing remediation plans, and maintaining incident response readiness.

- Manage cyber security awareness and training throughout the organization

- Lead security compliance audits (like PCI-DSS)

This role covers both the security of Lydia as a banking application and Lydia as an IT company.

You are in the right place if you have :

- A proven experience in a hands-on cybersecurity leadership role, preferably as a CISO or equivalent, within a financial institution or any other sensitive environment (health, HR).

- Strong knowledge of industry regulations, including PCI-DSS, GDPR, and other relevant standards.

- Expertise in conducting risk assessments, vulnerability management, and incident response.

- In-depth understanding of secure software development methodologies and cloud security.

- Understanding of legislation relevant to incident response, network monitoring, investigations and handling of illegal materials.

- Demonstrable experience in managing information security operations or incident response activities within a highly complex organization with devolved structures and multiple stakeholders

- Strong leadership and communication skills, with the ability to influence and inspire teams.

- Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives

- Ability to build trusted relationships with stakeholders at all levels, and effective collaborations with other teams

- High level of personal integrity, as well as the ability to handle confidential matters, and show an appropriate level of judgment and maturity

- Significant, demonstrable experience and expertise in one or more of the following: network and systems security, Unix/Linux systems administration, TCP/IP networking, intrusion detection/prevention and malware analysis

- Excellent understanding of the principles, theories, practices and techniques for activities associated with planning and implementing technical IT security arrangements

- Fluent English orally and written.

Hiring process in 3 steps:

- Step 1: Interview with the talent acquisition team

- Step 2: Technical interview with the security & tech team

- Step 3: Interviews with executive team members

At Lydia, we believe that diversity is a strength. Diversity is part of our culture and identity. We want to create an inclusive culture where all forms of diversity are seen as a real value to the company. Lydia is therefore proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, colour, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, physical characteristics (size, weight ... ), age, status as an individual with a disability, genetic information, or other applicable legally protected characteristics.