Senior Information Security Specialist - Governance, Risk & Compliance
Helsinki, Finland
Job Description
Wolt is looking to expand its Security team by hiring an Information Security Specialist to help us build an even more secure Wolt! Perhaps we could do that with your help? You’ll be joining Wolt’s security team’s Governance, Risk and Compliance (GRC) focus area, developing our information security management system to the next level. At Wolt we believe that you shape your own path and this one in particular can be adjusted based on your prior experience and professional interests expanding the scope of your duties according to your preferences. You will also be supporting and advising different teams in strategic and operational security related matters.
When it comes to the Security Team at Wolt, there are few things that make it quite unique:
⭐️ We’re a cross-disciplinary team which makes us strong: looking after not only security, but also privacy and physical security and safety
⭐️ We work across the whole company and report to the CEO’s office, so we’re not buried under an organizational silo
⭐️ We’re a truly a Cloud Native, Zero Trust and DevOps company - so much so that we don’t usually even care about those buzzwords
The Wolt Security team is distributed across several locations, and new team members are welcome to either of our tech hubs located in Helsinki or Stockholm or you can work entirely remotely anywhere in Finland or Sweden.
As an Information Security Specialist you’ll be solving these challenges:
👉 You will be responsible for managing and driving improvement of several compliance and governance initiatives at Wolt. These may include initiatives such as upgrading our ISO 27001 program to the latest version or improving the way we do risk management. You will need a big vision and a pinch of design and engineering skills to succeed like a true champion. This will be your most important priority and should consume most of your time.
👉 You’ll ensure that all the periodical milestones and control activities are performed accordingly. One of which is attending to our team efforts in handling and resolving security and privacy events and incidents. This is an important duty, one which will not consume your time too much.
👉 You will be a point of contact for external and internal stakeholders managing our compliance audits and enabling our business. You will convince external stakeholders on Wolt’s capabilities to manage their data securely. You will provide security advice for our internal stakeholders such as IT, engineering and product team - always enabling other teams to succeed in their work. Influencing internally and externally is a task you will use time on a weekly basis.
👉 You will play a remarkable role in the team effort of ensuring that we meet our legal and contractual obligations in regards of security and privacy. You'll succeed if your approach is not to do compliance just for the sake of compliance - it's all about enabling the business and making smart control design choices that are scalable and won't overload our team or our main stakeholders unnecessarily.
Qualifications
You might be just the person we’re looking for if:
✅ You have at least 3 years of experience in GRC security or privacy roles, from consulting or as an in-house expert and have vast experience of cross organizational projects and stakeholder management.
✅ You’re aware of the applicable legislation such as GDPR, NIS2 and DORA and may have worked with some of them earlier.
✅ You have solid knowledge and experience in designing and implementing controls from commonly known security frameworks (e.g., ISO 27000 series, NIST, SOX ITGC, SOC 2).
✅ You’re a quick learner and easily adaptable to changes in your work day as the only constant is change.
✅ You’re service-minded. You’ll be collaborating with different stakeholders and functions internally, such as Product and Engineering, Legal, IT and our Payments Institution so this mindset is key. For this, knowledge and experience of modern product development practices and data privacy related projects is a major advantage.
✅ You’re a goal-oriented person, someone who can take ownership of their scope of duties and drive execution of their ideas end to end. Challenging the status quo is always appropriate, accepted and appreciated.
✅ You’re fluent in spoken and written English, which is our company language at Wolt.
Additional Information
Apart form solving cool security topics, you’ll get to work in a company culture where we take ownership beyond the obvious, do common things uncommonly well, we think big but stay humble, do right by people, we treat others kindly and justly, recognise that if we don’t learn, we won’t stay still but fall behind, and keep in mind that Luke was Yoda’s greatest achievement.
On top of the benefits, the compensation will be a negotiable combination of monthly pay and DoorDash equity. The latter makes it exceptionally easy to be excited about our company growing and doing well, as you’ll own a piece of the pie.
Join us for an exciting journey - we will close the role as soon as we find a suitable candidate, so make sure to apply as soon as you realize you really, really want to join us!
For any further questions about the position, you can turn to Product+ Talent Acquisition Partner - Lina Muncyte (lina.muncyte(at)wolt.com).
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Cloud Compliance DevOps GDPR Governance ISO 27000 ISO 27001 NIS2 NIST Privacy Risk management SOC SOC 2 SOX Zero Trust
Perks/benefits: Equity / stock options Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Manager Pentest H/F jobs
- Open Security Operations Analyst jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Network Security Engineer jobs
- Open Information Security Architect jobs
- Open C-related jobs
- Open CISM-related jobs
- Open Risk assessment-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs