DORA Responsible Person (ICT Risk & Resilience Officer)

About Paymentwall

Paymentwall is a global payment platform providing access to 150+ local payment methods—such as credit/debit cards, bank transfers, e-wallets, prepaid cards, and mobile carrier billing—through a single seamless integration. We empower digital businesses, game developers, and online merchants to scale internationally by delivering secure, innovative, and localized payment solutions.

Position Overview

Paymentwall is looking for a knowledgeable and reliable DORA Responsible Person (ICT Risk & Resilience Officer) to lead and manage the company’s digital operational resilience framework in compliance with the Digital Operational Resilience Act (Regulation (EU) 2022/2554) and the ICT Guidelines of Latvijas Banka (2025).

This role ensures the robustness, security, and resilience of Paymentwall’s ICT environment, oversees ICT risk management, incident handling, third-party ICT service providers, and ensures adherence to regulatory and cybersecurity requirements.

Our Values

Honesty & Trust- We communicate openly, act with integrity, and build trust through transparency and accountability.

Learning & Curiosity- We constantly seek knowledge, embrace creativity, and strive for continuous improvement.

Global Collaboration- We value diverse perspectives and thrive on teamwork across cultures and borders.

What You’ll Do

• Develop, implement, and maintain Paymentwall’s ICT Risk Management Framework in accordance with DORA.
  
  

• Draft, update, and enforce ICT Security Policies, Incident Response Procedures, Business Continuity Plans (BCP), Disaster Recovery Plans (DRP), and the Third-Party ICT Service Register.
  
  

• Collaborate with Compliance, Risk Management, and Internal Audit to ensure ICT risk governance is fully integrated into the company’s operational framework.
  
  

• Ensure timely classification, documentation, escalation, and reporting of ICT-related incidents to Latvijas Banka, as required by DORA and Delegated Regulation (EU) 2025/301.
  
  

• Monitor and assess critical third-party ICT service providers, including contractual compliance and operational oversight.
  
  

• Coordinate or conduct ICT vulnerability assessments, penetration tests, and digital operational resilience testing in accordance with the TLPT framework and proportionality principles.
  
  

• Prepare and submit annual DORA Self-Assessments, ICT Risk Reports, and updates for senior management and the Board.
  
  

• Act as the primary point of contact for Latvijas Banka and other supervisory authorities on all DORA-related matters.
  
  

What You Bring:

• Bachelor’s or Master’s degree in Information Security, Computer Science, Engineering, Risk Management, or a related field.
  
  

• 3+ years of experience in ICT security, IT risk management, or operational resilience within a regulated financial institution or fintech.
  
  

• Strong understanding of EU regulatory frameworks, including DORA, PSD2, NIS2, GDPR, and relevant EBA Guidelines.
  
  

• Solid knowledge of cybersecurity controls, incident response, IT governance, and outsourcing/third-party risk oversight.
  
  

• Experience preparing ICT documentation for regulatory inspections or audits (preferably with Latvijas Banka, ECB, or other EU supervisory authorities).
  
  

• Excellent analytical, communication, and reporting skills in English and Latvian.
  
  

• High ethical standards, attention to detail, and ability to work independently while coordinating with cross-functional teams.

What We Offer

• Competitive salary and financial stability.
  
  

• Paid vacation and annual performance evaluations.
  
  

• Individual career development opportunities.
  
  

• Dynamic, international, and innovative work environment.

Note: This is a fully onsite role- No Hybrid or Remote Job.