Information Security Engineer

Location Sofia, Bulgaria
Job Type Permanent
Salary Very Attractive
Reference 29975

My client is on the lookout for an Information Security Engineer who is ready to step up their career and reap the rewards with a top-end payments company!

They are on a mission to simplify payment solutions and make them exciting and enjoyable. If you're interested in FinTech as the emerging industry that revolutionizes everyday finances.


Main responsibilities:

PCI DSS certification and maintenance.

Establish, implement and maintain PCI DSS compliance strategy:

  • Determine scope
  • Perform PCI DSS assessments and identify gaps to achieve and sustain compliance; review current rules
  • Create policies, procedures, standards, controls and other required documentation to ensure compliance with PCI DSS
  • Create and maintain PCI DSS compliance project and operation
  • Fulfil PCI DSS obligations for current and new projects and systems
  • Implement PCI DSS technical security requirements
  • Provide knowledge and actionable PCI DSS guidance
  • Execute end-to-end PCI project delivery
  • Ensure company’s IT infrastructure and systems for processing of card information comply with PCI DSS requirements
  • Regularly check whether PCI DSS requirements are met, what is new in the standard and what else needs to be done

Hands-on management of the IT security architecture across all of the company's assets, including configuration, management, sourcing, auditing and daily operations.

Maintain and operate a comprehensive vulnerability management toolkit across infrastructure, web applications, mobile applications and code repositories.

Ensure information security policies, standards and procedures are up-to-date to enforce confidentiality, integrity, and availability of information that is owned, controlled and processed within the company.

Manage and maintain the company's incident response and disaster recovery programs, including testing for all environments.

Evaluate security trends, evolving threats, risks, and vulnerabilities and apply or upgrade tools to mitigate risk as necessary.

Work closely with the DPO to ensure alignment between security and privacy compliance programs including policies, practices and investigations and act as a liaison to the information systems and compliance departments.

Be responsible for initial and periodic information security risk assessment/analysis, mitigation and remediation, as well as for the development and implementation of security risk management plans (both within the organization and across the deployed infrastructure).

Serve as an information security consultant to all departments for all data security-related issues.

Design information security training materials and train the staff.



  • Bachelor's degree in Computer Science, Information Systems or related.
  • At least 4 years of experience in building, operating and troubleshooting network environments with sensitive customer data.
  • In-depth understanding of network protocols, network security principles, and industry-standard implementations of corporate network LAN and WiFi infrastructures.
  • Working knowledge of technologies used in cloud services and file transport protocols (secure & un-secure).
  • Knowledge of database and operating system security and the latest security principles, techniques and protocols.
  • Understanding of advanced troubleshooting techniques in diagnosing hardware, software and network issues.
  • Risk management skills.
  • Good communication, organizational, collaboration and influencing skills.
  • Fluent English – spoken and written.


Interested in knowing more? Send your CV to
