Chief Information Security Officer
Date: 9. 12. 2025
Location: Hlavní město Praha, Czech Republic
Company: erstegro01P2
About us
We are the largest bank in the Czech Republic, serving millions of clients and operating critical national infrastructure. We are the technology leader of Czech banking, building our future on modern technologies, cloud and AI. Security, resilience, and trust are at the core of our strategy.
We are looking for a strong CISO - a visionary, technically hands-on leader who can navigate today’s most sophisticated threats while enabling fast and secure innovation.
Mission of the Role:
The CISO, together with the security team, defines, drives, and executes the enterprise-wide cyber and information security strategy. This role safeguards customer trust, protects critical systems, ensures compliance with banking regulations, and enables the bank’s digital and AI ambitions.
Key Responsibilities:
1. Cyber Security Strategy & Architecture
- Develop and continuously evolve a business-aligned, cloud-ready cyber security strategy supporting digital and AI transformation.
- Define the target security architecture, including zero trust, secure cloud adoption, and modern identity-centric security models.
- Anticipate emerging threats and integrate the newest technologies into the bank’s security roadmap.
2. Risk Management & Governance
- Own the security risk framework and ensure it is embedded across the enterprise.
- Maintain a real-time view of key risks, threat landscape, and control maturity.
- Define security policies, baselines, and standards, ensuring consistent enforcement.
3. Regulatory & Compliance Leadership
- Act as the main counterpart for regulators and auditors (GDPR, CNB, NIS2, DORA).
- Ensure the bank meets or exceeds all regulatory expectations in cyber resilience, incident reporting, and operational risk management.
4. Security Operations & Incident Response
- Oversee the SOC, threat hunting, detection engineering, and red/blue/purple-team capabilities.
- Lead end-to-end incident response and crisis management for major cyber events.
- Drive automation and intelligence-driven monitoring to reduce response times.
5. Identity, Access & Data Protection
- Define and oversee IAM, PAM, and modern access governance.
- Ensure strong data protection across classification, encryption, DLP, and privacy-by-design.
6. Secure Development & Technology Enablement
- Embed secure-by-design principles into software engineering, cloud adoption, and DevSecOps.
- Partner closely with CIO/CTO, architecture, and product teams to ensure innovation is delivered securely without slowing delivery.
7. Third-Party & Supply Chain Security
- Define and enforce security requirements for vendors, cloud providers, and outsourced services.
- Oversee continuous security assessment of critical suppliers and ecosystems.
8. Culture, Awareness & Executive Communication
- Build a strong security culture across the bank.
- Run targeted training programs, phishing simulations, and awareness campaigns.
- Communicate security posture, key risks, and priorities clearly to the Board and Executive Committee.
9. Organization, Talent & Budget Leadership
- Lead, grow, and inspire a high-performing security organization.
- Own and optimize the security budget, ensuring investments bring measurable risk reduction.
Candidate Profile
Technical & Professional Experience
- Proven leadership experience as CISO or senior security leader in a complex, regulated, high-availability environment.
- Hands-on understanding of cloud security (Azure/AWS/GCP), modern architectures, and emerging technologies (AI/ML, automation, zero trust).
- Strong knowledge of relevant legislation (GDPR, NIS2, DORA) and international security standards (NIST, ISO 27001, MITRE).
- Demonstrated success in building secure engineering practices and modern SOC capabilities.
Leadership & Personal Attributes
- Pragmatic, technically fluent, and able to challenge engineering teams at eye level.
- Visionary thinker able to translate complex threats into actionable business decisions.
- Excellent communicator with strong stakeholder management, including regulators and board members.
- Able to balance security, innovation, and business agility.
- Fluent in English
Preferred Certifications
- CISSP, CISM, CISA, CCSP, or equivalent senior-level credentials
Why Join Us
- Lead and shape the cybersecurity strategy of the largest bank in the Czech Republic and be a key driver of a cloud-enabled, AI-First transformation that protects millions of customers.
- Lead our IT Security team and transform it into one of the strongest, most modern information and cyber security organizations in the region.
- Work directly with top executives and influence decisions at board level.