Senior Information Security Specialist - Governance, Risk & Compliance

Job Description

Wolt is looking to expand its Security team by hiring an Information Security Specialist to help us build an even more secure Wolt! Perhaps we could do that with your help? You’ll be joining Wolt’s security team’s Governance, Risk and Compliance (GRC) focus area, developing our information security management system to the next level. At Wolt we believe that you shape your own path and this one in particular can be adjusted based on your prior experience and professional interests expanding the scope of your duties according to your preferences. You will also be supporting and advising different teams in strategic and operational security related matters. 

When it comes to the Security Team at Wolt, there are few things that make it quite unique:

⭐️ We’re a cross-disciplinary team which makes us strong: looking after not only security, but also privacy and physical security and safety

⭐️ We work across the whole company and report to the CEO’s office, so we’re not buried under an organizational silo

⭐️ We’re a truly a Cloud Native, Zero Trust and DevOps company - so much so that we don’t usually even care about those buzzwords

The Wolt Security team is distributed across several locations, and new team members are welcome to either of our tech hubs located in Helsinki or Stockholm or you can work entirely remotely anywhere in Finland or Sweden.

As an Information Security Specialist you’ll be solving these challenges:

👉 You will be responsible for managing and driving improvement of several compliance and governance initiatives at Wolt. These may include initiatives such as upgrading our ISO 27001 program to the latest version or improving the way we do risk management. You will need a big vision and a pinch of design and engineering skills to succeed like a true champion. This will be your most important priority and should consume most of your time.

👉 You’ll ensure that all the periodical milestones and control activities are performed accordingly. One of which is attending to our team efforts in handling and resolving security and privacy events and incidents. This is an important duty, one which will not consume your time too much.

👉 You will be a point of contact for external and internal stakeholders managing our compliance audits and enabling our business. You will convince external stakeholders on Wolt’s capabilities to manage their data securely. You will provide security advice for our internal stakeholders such as IT, engineering and product team - always enabling other teams to succeed in their work. Influencing internally and externally is a task you will use time on a weekly basis.

👉 You will play a remarkable role in the team effort of ensuring that we meet our legal and contractual obligations in regards of security and privacy. You'll succeed if your approach is not to do compliance just for the sake of compliance - it's all about enabling the business and making smart control design choices that are scalable and won't overload our team or our main stakeholders unnecessarily.

Qualifications

You might be just the person we’re looking for if:

✅ You have at least 3 years of experience in GRC security or privacy roles, from consulting or as an in-house expert and have vast experience of cross organizational projects and stakeholder management.

✅ You’re aware of the applicable legislation such as GDPR, NIS2 and DORA and may have worked with some of them earlier.

✅ You have solid knowledge and experience in designing and implementing controls from commonly known security frameworks (e.g., ISO 27000 series, NIST, SOX ITGC, SOC 2). 

✅ You’re a quick learner and easily adaptable to changes in your work day as the only constant is change. 

✅ You’re service-minded. You’ll be collaborating with different stakeholders and functions internally, such as Product and Engineering, Legal, IT and our Payments Institution so this mindset is key. For this, knowledge and experience of modern product development practices and data privacy related projects is a major advantage.

✅ You’re a goal-oriented person, someone who can take ownership of their scope of duties and drive execution of their ideas end to end. Challenging the status quo is always appropriate, accepted and appreciated.

✅ You’re fluent in spoken and written English, which is our company language at Wolt.

Additional Information

Apart form solving cool security topics, you’ll get to work in a company culture where we take ownership beyond the obvious, do common things uncommonly well, we think big but stay humble, do right by people, we treat others kindly and justly, recognise that if we don’t learn, we won’t stay still but fall behind, and keep in mind that Luke was Yoda’s greatest achievement. 

On top of the benefits, the compensation will be a negotiable combination of monthly pay and DoorDash equity. The latter makes it exceptionally easy to be excited about our company growing and doing well, as you’ll own a piece of the pie.

Join us for an exciting journey - we will close the role as soon as we find a suitable candidate, so make sure to apply as soon as you realize you really, really want to join us!

For any further questions about the position, you can turn to Product+ Talent Acquisition Partner - Lina Muncyte (lina.muncyte(at)wolt.com).