Join to apply for the ICT Governance Manager role at Scalapay.
At Scalapay, we’re shaping a culture with high standards, independent and critical thought, innovation, ownership, and continuous learning. We operate in a fast-moving, tech-driven environment, and we’re looking for people who thrive in change, think boldly, and take initiative. If you’re ready to put your potential to the test in a hiring process designed to spotlight exceptional talent, this is your chance to stand out and grow with one of Europe’s most ambitious fintech teams.
Mission
We're seeking an ICT Governance Manager to ensure our regulated financial services subsidiary maintains robust compliance with Italian and EU financial regulations. This is a hands‑on, individual contributor role working horizontally across our engineering organization to implement governance frameworks, coordinate regulatory requirements, and maintain continuous audit readiness.
You’ll be the subject matter expert who translates regulatory requirements (Bank of Italy, DORA, PCI‑DSS, GDPR) into actionable technical requirements, working closely with engineering domain leads to ensure compliance is embedded into our delivery processes without creating bottlenecks.
This role is critical for maintaining our payment institution license while supporting our growth from 10M users to the next phase of scale.
What You’ll Do
Regulatory Compliance Implementation
Translate regulatory requirements from Bank of Italy, ECB directives, DORA, PCI‑DSS, and GDPR into concrete technical requirementsWork with engineering domain leads (Risk, Payments, Customer, Infrastructure) to implement compliance controls within their delivery cyclesMaintain comprehensive documentation of ICT systems, data flows, and security controls for regulatory inspectionsCoordinate regulatory submissions and respond to information requests from Bank of Italy and external auditorsTrack and report compliance status across all technical domains to CTO and IP CEO
Governance Framework Management
Implement and maintain ICT governance processes aligned with regulatory requirementsEstablish monitoring mechanisms to ensure ongoing compliance across engineering teamsCreate and maintain policy documentation, procedures, and evidence repositoriesCoordinate vendor compliance assessments for critical third‑party ICT servicesMaintain ICT asset inventory, access control documentation, and security configurationsSupport internal and external audit processes by preparing evidence and coordinating team responses
Business Continuity & Resilience Coordination
Coordinate development and testing of Business Continuity Plans with infrastructure and engineering teamsEnsure disaster recovery procedures are documented, tested, and meet regulatory requirementsWork with DevOps team to validate backup procedures and recovery time objectivesOrganize and document regular DR testing exercises with post‑test reportingMaintain incident response procedures and coordinate incident management processes
Cross-Functional Collaboration
Partner with Risk Management team to assess and monitor ICT risksWork with Legal/Compliance to align technical controls with regulatory interpretationsCoordinate with engineering managers to plan compliance work within agile sprint cyclesAct as technical liaison during regulatory inspections and auditor requestsPresent compliance status updates to executive leadership
Why you should join Scalapay
Attractive packages based on skills and experience - the salary band we have for this position is 80‑100 EuroOpportunity to work with a team of Industry Leaders who are focused on delivering products that offer exceptional user experience.Support to accelerate your professional growth and take ownership of the projects you deliver.A lean, people focused Agile way of working that delivers marketable products.Work with the latest technologies and be encouraged to bring your own flair to the role.Professional training plan and career guidance.
Required Qualifications
Regulatory & Compliance Experience
4‑6 years of hands‑on experience in IT governance, compliance, or risk management within regulated financial services (banking, payments, fintech)Direct experience working with Bank of Italy requirements or similar EU financial regulatorsWorking knowledge of PCI‑DSS and GDPR compliance requirementsExperience with DORA (Digital Operational Resilience Act) requirementsExperience preparing documentation for and responding to regulatory audits
Technical Background
Strong understanding of enterprise IT infrastructure, cloud services (AWS), and application architecturesAbility to read and understand technical documentation, API specifications, and system architecture diagramsExperience with DevOps practices, CI/CD pipelines, and infrastructure‑as‑code conceptsUnderstanding of cybersecurity controls, access management, and vulnerability managementFamiliarity with agile development methodologies and how to embed compliance work into sprints
Collaboration & Communication
Proven ability to work horizontally across technical teams without direct authorityExperience influencing engineering teams to prioritize compliance work alongside feature developmentAbility to translate complex regulatory language into clear technical requirementsStrong documentation skills for creating policies, procedures, and audit evidenceExcellent Italian and English communication skills (written and verbal)Comfortable working in a lean, fast‑moving startup environment (~200 people)
Preferred Qualifications
Degree in Computer Science, Information Systems, or related technical fieldProfessional certifications: CISA, CRISC, ISO 27001 Lead Auditor, or similarPrevious experience in Big 4 consulting (audit/advisory) or regulatory compliance rolesHands‑on experience with BNPL, payments processing, or lending platformsExperience with GRC (Governance, Risk, Compliance) toolsBackground as a technical project manager or senior engineer who moved into governance
Recruitment Process
Initial Chat: A brief conversation with our Talent Acquisition team to get to know you and understand your fit for the role.Hiring Manager Interview: First interview with the Hiring Manager to deep dive into your experiences, better understand your motivation and explore your skills.Case Study: A skills‑based exercise followed by a debriefing session with key stakeholders.A Meet the Team: to meet the Software Engineers that could potentially be part of your team.Final Chat with Simone (CEO): A chance to discuss Scalapay’s values, company vision, and ensure strong cultural alignment. During this stage, we will also conduct reference checks to validate your experience and achievements.
Want to learn more? Don't hesitate to explore our Careers website, our LinkedIn and Glassdoor pages.
Pro tip: send your CV in English