Security Consultant Lead

Ant International powers the future of global commerce with digital innovation for everyone and every business to thrive. In close collaboration with partners, we support merchants of all sizes worldwide to realize their growth aspirations through a comprehensive range of tech-driven digital payment and financial services solutions.
Ant International strives to become the most trusted digital services connector to achieve sustainable growth of global commerce.
With a focus on Travel, Trade, Technology, and Talent, Ant International is committed to enhancing the digital mindset and capacities of businesses worldwide. As a Lead Cyber Security Specialist, you will ensure alignment with European regulations (e.g., This role requires technical knowledge, strategic thinking, and expertise in managing third-party risk , outsourcing compliance , and identity governance to safeguard operational resilience.

Regulatory & Technical Compliance:
Support compliance with GDPR and complementary regulations like DORA (Digital Operational Resilience Act) , ensuring alignment in areas such as incident reporting and data protection.
Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls).
Manage and maintain Security Policies and procerdures

Third-Party Risk & Outsourcing Management:
Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services.
Ensure compliance with DORA’s outsourcing requirements , including due diligence, contract oversight, and continuity planning.

Participate in internal/external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance.
Risk Management:
Maintain the enterprise risk register , prioritizing risks tied to third-party dependencies, outsourcing, and ICT disruptions.
Quantify risks using methodologies.

Advise on vulnerability management , endpoint security (EDR/XDR) , and cloud compliance .
Good understanding on IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management (PAM).
Conduct periodic user access reviews to ensure compliance with least privilege principles and regulatory requirements.
Security awareness management experience.

financial services or banking.
~ Understanding of GDPR , DORA , PCI DSS, and outsourcing/third-party risk requirements.
~ Hands-on experience with ISO 27001 implementation and third-party risk tools .
~ Proficiency in IAM (Identity and Access Management) solutions and conducting user access reviews .
~ Familiarity with cloud Technology and IT infrastructure.
~