Job Description
β We offer a full-time job in the office, β no remote or hybrid options.
π€ If you need to assist with relocation, we will take care of that.
BrainRocket is a global company creating end-to-end tech products for clients across Fintech, iGaming, and Marketing. Young, ambitious, and unstoppable, we've already taken Cyprus, Malta, Portugal, Poland, and Serbia by storm. Our BRO team consists of 1,300 bright minds creating innovative ideas and products. We donβt follow formats. We shape them. We build what works, launch it fast, and make sure it hits.
The Security Program Manager is responsible for driving the planning, coordination, and execution of security initiatives and projects across the organization. This role ensures alignment between security objectives and business goals, manages cross-functional security projects, and establishes governance to reduce risk and maintain compliance. Acting as the central point of coordination, the Security Program Manager enables efficient execution and delivery of security projects into production, facilitates communication between stakeholders, and ensures security becomes an integral part of business processes.
β Requirements:
Must-Have:
βοΈ 5+ years of experience in security program / project management or related fields.
βοΈ Strong understanding of information security principles, frameworks (e.g., ISO 27001, NIST, SOC 2) and risk management.
βοΈ Proven track record of delivering cross-functional security initiatives from planning to production.
βοΈ Excellent stakeholder management, communication, and presentation skills, including C-level reporting.
βοΈ Ability to build governance processes, track KPIs, and ensure accountability across teams.
βοΈ Strong organizational and prioritization skills in a fast-paced environment.
βοΈ Fluency in English (written and spoken).
Nice-to-Have:
βοΈ Technical background in IT, cloud, or application security.
βοΈ Experience working with GRC (Governance, Risk, and Compliance) tools.
βοΈ Familiarity with DevSecOps practices and CI/CD integration.
βοΈ Certifications such as CISSP, CISM, PMP, or similar.
βοΈ Experience in regulated industries (finance, gaming, healthcare, etc.).
βοΈ Previous experience in international or distributed teams.
β Responsibilities:
βοΈ Program ownership: Lead the planning, execution, and successful delivery of security initiatives and projects, ensuring they reach production and deliver measurable business value.
βοΈ Alignment with business goals: Translate security objectives into actionable programs aligned with organizational strategy and regulatory requirements.
βοΈ Cross-functional coordination: Act as the primary point of contact between Security, IT, Product, Engineering, Legal, HR, and other business units to ensure seamless collaboration.
βοΈ Governance & reporting: Establish clear governance models, track progress against milestones, define KPIs/metrics, and regularly report status and risks to senior management.
βοΈ Risk management: Identify, assess, and prioritize security risks; drive mitigation plans and ensure timely escalation of critical issues.
βοΈ Policy & compliance enablement: Ensure projects support compliance with relevant standards (e.g., ISO 27001, SOC 2, GDPR) and internal policies.
βοΈ Change management: Develop rollout strategies for new security controls, ensuring adoption across the organization and minimal disruption to business processes.
βοΈ Stakeholder communication: Facilitate clear, timely, and transparent communication with all levels of stakeholders, including C-level executives.
βοΈ Issue resolution: Anticipate roadblocks, proactively manage dependencies, and resolve conflicts to keep projects on track.
βοΈ Continuous improvement: Identify inefficiencies in existing security processes and propose improvements, frameworks, or automation to enhance scalability.
βοΈ Awareness & training support: Coordinate security awareness initiatives and ensure that program outcomes are embedded into employee practices.
βοΈ Budget & resource planning: Collaborate with leadership to estimate costs, allocate resources, and optimize delivery efficiency.
βοΈ Vendor & third-party coordination: Manage external security partners, consultants, or vendors when projects involve outsourced services.
βοΈ Documentation: Maintain up-to-date documentation of project scope, timelines, ownership, and deliverables for auditability and knowledge transfer.
β We offer excellent benefits, including but not limited to:
π§π» π» Learning and development opportunities and interesting, challenging tasks.
π Opportunity to develop language skills, with partial compensation for the cost of Spanish classes (for localisation purposes).
βοΈ Relocation package (tickets, staying in a hotel for up to 2 weeks, and visa relocation support for our employees and their family members).
π₯ Global coverage health insurance.
π Time for proper rest, with 23 working days of annual vacation and additional paid sick days.
π Competitive remuneration level with annual review.
π€ Teambuilding activities.
Bold moves start here. Make yours. Apply today!