Head of Security Engineering

At Trustly, we’re passionate about simplifying the way people pay and get paid online. We are a licensed payment institution and our B2B products available across Europe and the US attract global merchants in segments such as e­-commerce, travel, financial services and gaming. In June 2018, private equity firm Nordic Capital acquired a majority stake in Trustly with ambitions to support us in becoming the leading global online banking payments provider.
We are a diverse and fast-growing team with our headquarters in Stockholm, Sweden, and offices in Lisbon, Örebro, London, or Malta. The American operation has offices in the USA and Brazil, however this role opening is to be located in Stockholm where the rest of the team is currently placed. You can spend as much time as you like in our offices, or work from home to 50% of the time.
Together we are leading the development of the payments industry and the work you’ll do here will make a great impact. Trustly is a tech company at heart. Two of our three founders are developers and you’ll get the chance to work alongside many talented and motivated colleagues who will help you learn and grow.
About the Security Engineering team
As part of fulfilling the objective of becoming the leading global online banking payments provider, we are strengthening our capability in the information and cyber security area. We are now looking for a Head of Security Engineering to head up the team we are putting together to take on the journey of growth. The Security Engineering team staffed by our Security Engineers is there to safeguard our IT application and services provided 24x7 across the globe.
This is a small technical group of security professionals ensuring security lies in the core of everything we build and operate. They combine their expertise to provide security services to the organisation with automating security controls wherever and whenever possible. The Security Engineering team is undergoing an expansive phase and you will have great opportunities to influence this transition and transformation.
The Head of Security Engineering will manage the Security Engineering team, an important part of the Tech organisation. You will report directly to the CTO / Chief Technology Officer in Stockholm, and be part of the Tech Management team that together lead the European Tech organisation with about 200 employees.

What you'll do:

• Responsible for team well-being, and ensuring the team is correctly staffed, trained and equipped to protect the company from ICT risks. 
• Be a valued and contributing member of the Tech Management team.
• Responsibility for planning, implementing, managing, monitoring and upgrading required security controls, for all ICT assets, as outlined in the ISMS. That means management of security measures as documented in our security policies, procedures, and instructions and for the protection of the organisations ICT assets such as data, processes, systems and networks.
• Work with our CISO to align the security roadmap with current and future organisational security requirements. This is a tactical role in the first line of defence. The overall security strategy and ISMS is managed by the CISO in the second line of defence.
• Champion security culture throughout Trustly, working with all parts of the organisation to ensure everyone has the awareness, support and empowerment required to make sure security lies at the core of everything we do.
• Ensure Trustly’s tech platforms and software development practices are at the forefront when it comes to cyber security.
• Grow the team by adding team members with the right skills, experience and attitude and empower them to contribute to our continued success.

What we hope that you bring:

• You have spent a few years in the area of cyber security doing hands-on technical security work and have a verified track record of building and leading security teams.
• You enjoy working in a fast-paced organisation where you will be challenged daily to make sure security enables our maintained speed forward rather than inhibiting it.
• We think you are a person with a passion for making your team grow and thrive by actively coaching your team members and contributing to the team’s success by making things smarter/faster/better.
• We attach great importance to personal qualities and see that you are a person with excellent communicative ability who can connect theory with practice and adapt your message and communication style to your audience.
• You are analytically inclined and you like to share information and conclusions with others. You take pride in what you do and like to make a positive difference!
• You need to be fluent in both Swedish and English, written and spoken. 
• Holding an active EU or Swedish work permit and visa.

We believe you have several of the following qualities:

• Experience in building and managing technical security teams. 
• Experience from and ability to drive larger technology initiatives in collaboration with stakeholders in different levels of the organisation.
• We honour and believe you have some industry certifications such as: CISSP, CISM, OSCP, ISO 27001 lead implementer or similar, that may be active or since long expired.
• Experience in building security on modern infrastructure platforms using technologies such as AWS, Splunk, Kubernetes, Infrastructure as code, Linux, etc.
• Knowledge in secure development practices using Java, Docker, Kubernetes, AWS, etc.
• Service oriented mindset with a good understanding of the balance between delivery and security.