At Copla, we’re building software that helps EU financial institutions deal with complex regulatory and security requirements in a practical, scalable way. Our focus is on clarity, structure, and real-world applicability — not checkbox compliance.
We’re looking for an Information Security Expert / CISO to join our Product team and shape the security and GRC methodologies that power our platform. The methodologies and structures you help build will be used by many organisations across Europe and will directly enable them to achieve and maintain regulatory compliance.
Important: this is not a traditional CISO role.
You will not be responsible for company or client compliance, audits, or advisory engagements. Your role sits within Product, focusing on methodology, framework logic, and GRC feature design.
What you’ll do
- Be part of the Product team, acting as the methodology authority for information security and GRC-related features
- Advise on and design methodologies for core GRC concepts, such as:
- Risk registers and risk assessment models
- Business Impact Analysis (BIA)
- Control frameworks and control libraries
- Asset, threat, and impact modelling
- Shape the methodology behind policy automation, ensuring policies align with regulatory frameworks and are practical to implement
- Contribute to the design of security and compliance awareness trainings, embedding regulatory and security best practices into structured learning content
- Translate regulatory and security frameworks into clear, structured, and scalable product logic that can be reused across many organisations
- Design framework mappings and structures that can be embedded into software (controls, workflows, relationships)
- Work closely with Product, Engineering, and UX to ensure methodologies are:
- technically sound
- intuitive for end users
- aligned with financial sector practices and regulatory expectations
- Continuously refine methodologies based on regulatory changes and market feedback
What you bring
- Strong hands-on knowledge of information security and regulatory frameworks, such as:
- ISO/IEC 27001
- DORA
- NIS / NIS2
- PCI DSS
- and other recognised standards
- Practical experience applying these frameworks in financial services, fintech, or other regulated environments
- Solid understanding of risk management and GRC methodologies (risk registers, BIA, controls, governance)
- Ability to think structurally and product-first, not just from a compliance or audit perspective
- Strong written communication skills — you can explain complex topics clearly and precisely
Nice to have
- Industry certifications (e.g. CISSP, CISM, ISO 27001 LA/LI, etc.)
- Experience designing or harmonising GRC models and methodologies
- Experience creating or structuring security awareness training content
- Prior experience working closely with product or engineering teams
Why Copla
- Your work will help hundreds of companies move toward compliance through well-designed, scalable methodologies
- A rare opportunity to influence how security, risk, governance, policy automation, and awareness are built into software
- Strong focus on the EU financial regulatory landscape
- Competitive compensation and flexible working setup
- Vilnius-based team with a European footprint
Key Skills
Ranked by relevance
Related Jobs
3 roles aligned with this opportunity
IoT Technical Manager
2026-07-08
IoT Engineering Manager
2026-07-08
Electronics & IoT Engineering Manager
2026-07-08
- Posted
- Jan 28, 2026
- Type
- Full-time
- Level
- Entry
- Location
- Vilnius
- Company
- Copla
Industries
Categories
Related Jobs
3 roles aligned with this opportunity
IoT Technical Manager
2026-07-08
IoT Engineering Manager
2026-07-08
Electronics & IoT Engineering Manager
2026-07-08