Information Security Officer

We are looking for an Information Security Officer to join our Risk Control & Compliance team. You will be the one advising and setting up governance structures within the information security area, overseeing both its strategic direction and working hands on in our day-to-day operations. This role means you will work within the business as subject matter expert with regards to the regulatory framework that applies for information security and related matters. The Information Security Officer will have a deep understanding of the business models and business objectives in order to align them with information security and compliance standards and strategies. The Information Security Officer’s goal is to lead the business towards industry-leading security practices. The function is placed within the 2nd line of defence where you report to our Chief Risk & Compliance Officer and will have four colleagues within Risk and Compliance to discuss regulatory matters and align on planned activities etc. The Information Security Officer will initiate necessary activities and follow up on execution, as well contribute to Intergiro’s overall security standards, routines and policy.

Your key responsibilities- Create information security strategies in support of the company’s goals and business strategies.- Create, review and maintain security policy and procedures in order to meet obligations stemming from regulations and applicable standards. - Lead and perform audits, risk identification and risk assessments periodically as required by standards and regulations in addition to when there are changes in the business or the regulatory environment.- Provide expertise in regulations and standards related to information security such as the upcoming DORA , GDPR and PCI-DSS.- Provide support for assessments of risks and outsourcing management in relation to external vendors. - Evaluate and provide support in information security incidents.- Evaluate and implement new ways to automate and improve information security across the business.

Take the opportunity to join a fun, evolving and challenging start-up/scale-up and help us shape the future of the ‘embedded finance’ revolution! We want to be the best kind of company and the best kind of environment, for the best kind of people:

💡 We believe in idea meritocracy: the best one wins, no matter where it came from and we make sure to create a safe place for open communication so everyone can express their views.

💬 We give you a lot of ownership and autonomy which means you will have the space to grow and make an impact on our business. This also means you get the freedom to work remotely from anywhere in Sweden or from any of our European hiring locations.

👩‍⚖️ We continuously seek innovation. We are trying to build something different and better than what is already out there, so we must be the vanguard.

Requirements

- At least 4 years of experience in the Information Security field with practical experience of implementing and/or follow up on some kind of regulatory framework.

- A solid understanding of regulations and standards applicable in the financial sector such as PSD2, EBA Guidelines, GDPR and PCI-DSS with regards to information security. Details may be learned but you must have a solid understanding of information security and risk management principles and how to implement them into practice.

- Strong understanding of toolbox available for protection of IT-systems and management of IT-related risks.

- Strong communicator, an ability to explain complex things to various audiences.

- Self starter with a desire and comfortability working in a fast paced start-up environment with a problem-solving mindset and hands on approach.

- Located in any of our hiring locations Sweden, Spain, Poland or Portugal and possessing a work permit for that specific location.Welcome with your application!