Ict Governance Manager

At Scalapay, we're shaping a culture with high standards, independent and critical thought, innovation, ownership, and continuous learning.We operate in a fast-moving, tech-driven environment, and we're looking for people who thrive in change, think boldly, and take initiative.If you're ready to put your potential to the test in a hiring process designed to spotlight exceptional talent, this is your chance to stand out and grow with one of Europe's most ambitious fintech teams.#MakeItHappen #PlayAsATeam #StayCurious #FocusOnCustomer.The MissionWe're seeking an ICT Governance Manager to ensure our regulated financial services subsidiary maintains robust compliance with Italian and EU financial regulations.This is a hands-on, individual contributor role working horizontally across our engineering organization to implement governance frameworks, coordinate regulatory requirements, and maintain continuous audit readiness.You'll be the subject-matter expert who translates regulatory requirements (Bank of Italy, DORA, PCI-DSS, GDPR) into actionable technical requirements, working closely with engineering domain leads to ensure compliance is embedded into our delivery processes without creating bottlenecks.This role is critical for maintaining our payment institution license while supporting our growth from 10 M users to the next phase of scale.What You'll DoRegulatory Compliance ImplementationTranslate regulatory requirements from Bank of Italy, ECB directives, DORA, PCI-DSS, and GDPR into concrete technical requirementsWork with engineering domain leads (Risk, Payments, Customer, Infrastructure) to implement compliance controls within their delivery cyclesMaintain comprehensive documentation of ICT systems, data flows, and security controls for regulatory inspectionsCoordinate regulatory submissions and respond to information requests from Bank of Italy and external auditorsTrack and report compliance status across all technical domains to CTO and IP CEOGovernance Framework ManagementImplement and maintain ICT governance processes aligned with regulatory requirementsEstablish monitoring mechanisms to ensure ongoing compliance across engineering teamsCreate and maintain policy documentation, procedures, and evidence repositoriesCoordinate vendor compliance assessments for critical third-party ICT servicesMaintain ICT asset inventory, access control documentation, and security configurationsSupport internal and external audit processes by preparing evidence and coordinating team responsesBusiness Continuity & Resilience CoordinationCoordinate development and testing of Business Continuity Plans with infrastructure and engineering teamsEnsure disaster recovery procedures are documented, tested, and meet regulatory requirementsWork with DevOps team to validate backup procedures and recovery time objectivesOrganise and document regular DR testing exercises with post-test reportingMaintain incident response procedures and coordinate incident management processesCross-Functional CollaborationPartner with Risk Management team to assess and monitor ICT risksWork with Legal/Compliance to align technical controls with regulatory interpretationsCoordinate with engineering managers to plan compliance work within agile sprint cyclesAct as technical liaison during regulatory inspections and auditor requestsPresent compliance status updates to executive leadershipWhy you should join Scalapay:Attractive packages based on skills and experience – the salary band we have for this position is ****** EuroOpportunity to work with a team of Industry Leaders focused on delivering products that offer exceptional user experienceSupport to accelerate your professional growth and take ownership of the projects you deliverA lean, people-focused Agile way of working that delivers marketable productsWork with the latest technologies and be encouraged to bring your own flair to the roleProfessional training plan and career guidanceRequired QualificationsRegulatory & Compliance Experience4-6 years of hands-on experience in IT governance, compliance, or risk management within regulated financial services (banking, payments, fintech)Direct experience working with Bank of Italy requirements or similar EU financial regulatorsWorking knowledge of PCI-DSS and GDPR compliance requirementsExperience with DORA (Digital Operational Resilience Act) requirementsExperience preparing documentation for and responding to regulatory auditsTechnical BackgroundStrong understanding of enterprise IT infrastructure, cloud services (AWS), and application architecturesAbility to read and understand technical documentation, API specifications, and system architecture diagramsExperience with DevOps practices, CI/CD pipelines, and infrastructure-as-code conceptsUnderstanding of cybersecurity controls, access management, and vulnerability managementFamiliarity with agile development methodologies and how to embed compliance work into sprintsProven ability to work horizontally across technical teams without direct authorityExperience influencing engineering teams to prioritise compliance work alongside feature developmentAbility to translate complex regulatory language into clear technical requirementsStrong documentation skills for creating policies, procedures, and audit evidenceExcellent Italian and English communication skills (written and verbal)Comfortable working in a lean, fast-moving startup environment (~200 people)Preferred QualificationsDegree in Computer Science, Information Systems, or related technical fieldProfessional certifications: CISA, CRISC, ISO ***** Lead Auditor, or similarPrevious experience in Big 4 consulting (audit/advisory) or regulatory compliance rolesHands-on experience with BNPL, payments processing, or lending platformsExperience with GRC (Governance, Risk, Compliance) toolsBackground as a technical project manager or senior engineer who moved into governanceRecruitment process:Initial Chat: A brief conversation with our Talent Acquisition team to get to know you and understand your fit for the role.Hiring Manager Interview: First interview with the Hiring Manager to deep-dive into your experiences, better understand your motivation and explore your skills.Case Study: A skills-based exercise followed by a debriefing session with key stakeholders.A Meet the Team: to meet the Software Engineers that could potentially be part of your team.Final Chat with Simone (CEO): A chance to discuss Scalapay's values, company vision, and ensure strong cultural alignment.During this stage, we will also conduct reference checks to validate your experience and achievements.Super Pro tip: we know that application processes can be scary and frustrating but... we look for talent, not people that tick all our boxes.We believe in the power of diversity: Scalapay is an Equal Opportunity Employer for any minority, disability, gender identity or sexual orientation.#J-*****-Ljbffr