Information Security Manager at Lightspark

Estonia

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Fintech, Cryptocurrency, PaymentsIndustries

Requirements

5+ years in information security operations or management with proven implementation of security and compliance programs. Experience in ICT risk management and oversight of technical security functions
Strong understanding of EU/Estonian frameworks, including DORA, ISO27001, SOC2, and GDPR. Experience supporting regulatory licensing or audit processes is a plus
Hands-on experience with cloud environments (AWS, Azure, GCP), secure configuration, vulnerability management, monitoring, and incident response. Familiarity with Linux/Windows hardening, networking, and scripting (e.g., Python, Bash)
Higher education in a STEM or business-related field
Full working proficiency in English and Estonian
Proactive, structured, and detail-oriented leader with strong project management, communication, and collaboration skills
Experience preparing for regulatory inspections, working with ISO27001 audits, or partnering with fractional CISO/DPO roles. Certifications such as CISSP, CISM, ISO27001 Lead Implementer, or CIPP/E are beneficial
Based in Tallinn, Estonia office with regular in-office presence (OnSite, FullTime)

Responsibilities

Drive security strategy and governance: Develop, implement, and monitor a comprehensive information security and ICT risk management program aligned with DORA, ISO27001, and EU/Estonian requirements
Develop and maintain frameworks: Own the company’s Information Security Management System (ISMS), ensuring all policies, controls, and documentation align with regulatory and business needs
Implement and operate security controls: Deploy and manage technical safeguards across cloud, on-prem, and application environments—covering vulnerability management, system hardening, and incident response
Collaborate across teams: Work closely with global engineering, risk, and compliance functions to ensure consistent application of security standards and processes across systems and services
Lead ICT risk management: Identify, assess, and manage ICT risks across business units, and provide actionable security insights for new technologies and initiatives
Engage with regulators and auditors: Serve as the main point of contact (or in coordination with control functions) for regulators, auditors, and external security assessors
Measure and report security posture: Regularly brief management and, where applicable, the Supervisory Board on key risks, compliance status, and improvement initiatives
Promote a culture of security: Drive employee awareness and training programs to foster security ownership and operational hygiene across the company

Skills

Key technologies and capabilities for this role

ISO27001DORAISMSvulnerability managementsystem hardeningincident responsecloudon-premICT risk management

Questions & Answers

Common questions about this position

What is the location requirement for this role?

This is an onsite position based in Tallinn, Estonia, within Striga, a Lightspark company.

What salary or compensation is offered for this position?

This information is not specified in the job description.

What experience is required for the Information Security Manager role?

Candidates need 5+ years in information security operations or management with proven implementation of security and compliance programs, plus experience in ICT risk management and oversight of technical controls.

What does the company culture emphasize for this role?

The role promotes a culture of security through employee awareness and training programs to foster security ownership and operational hygiene across the company.

What makes a strong candidate for this position?

A strong candidate has 5+ years in information security operations or management, proven experience implementing security and compliance programs, and expertise in ICT risk management.

Lightspark

Facilitates Bitcoin transactions via API and SDKs

About Lightspark

Lightspark focuses on facilitating Bitcoin transactions for businesses by providing an API and Software Development Kits (SDKs) that integrate with the Lightning Network. This technology allows for faster and cheaper cross-border payments by identifying efficient routes for transactions. Unlike competitors, Lightspark's service-based model enables businesses to leverage Bitcoin without needing deep technical expertise. The goal is to streamline payment processes, making them more efficient and cost-effective.

Los Angeles, CaliforniaHeadquarters

2022Year Founded

$1.3MTotal Funding

SEEDCompany Stage

Fintech, Crypto & Web3Industries

51-200Employees

Risks

Increased competition from fintech companies like Strike and OpenNode.

Regulatory scrutiny in the US and EU could impact cryptocurrency transactions.

Technological vulnerabilities in the Lightning Network may affect Lightspark's reputation.

Differentiation

Lightspark offers a robust API and SDKs for Bitcoin integration on the Lightning Network.

The company provides a dashboard for tracking and managing Bitcoin transactions efficiently.

Lightspark's Universal Money Address (UMA) enhances global payment solutions for businesses.

Upsides

Partnerships with Bitso and Foxbit expand Lightspark's reach in Latin America.

Introduction of Spark and UMA boosts Lightspark's product offerings and market appeal.

Strategic expansion into Africa with Yellow Card highlights growth in emerging markets.

Land your dream remote job 3x faster with AI

Try Jobo Free