Information Security Specialist/Manager
Remote - Helsinki, Uusimaa, Finland
Leadfeeder is a fast-growing international SaaS startup, headquartered in Finland. We are on a mission to bring web intelligence to our customers. Simply put, Leadfeeder helps companies know more about their website traffic, which enables them to convert promising visitors into sales and marketing leads.
We are a remote-first company, which means you can work from wherever you prefer as long as you are physically located in Europe. To support our distributed setup, we have a culture of transparency, ownership, and collaboration. We love our casual dress code, company retreats in sunny locations, and the opportunity to work with a truly diverse 100+ strong team based in 25 countries.
What sets us apart? We are a market leader with a solid business model ready to be scaled. Our data-driven and customer-centric approach keeps us grounded while providing a basis for sustainable and ambitious growth.
Are you a self-starter looking to learn and grow as part of a world-class team? Join our journey!
We are looking for an Information Security Manager/Specialist to work with our IT, technical teams and senior management to bring our information security practises to the next level.
- Work on internal IT security and governance: access management, staff training, workstation and tools security configuration. Vendor security assessments.
- Maintain security and compliance policies, internal and external documentation
- Security risk analysis
- Work on compliance and certification: ISO 27001, GDPR
- Evangelise good security practises across the company
- Develop and maintain security monitoring and analysis (Google Workspace, AWS, firewalls, device management)
- GDPR / CCPA compliance (we can provide training as needed)
- Application / production security, be involved reviewing pentest programme reports, vulnerability scan reports, allocate CVSS for issues, etc.
- Security and compliance reviews of new features and plans
- Production cloud infrastructure (AWS) security
- Working with our infrastructure team on disaster recovery plans and testing
- 3+ years job experience in Governance, Risk management and Compliance related role
- Relevant education and/or certifications (CISSP, CISM, etc)
- Practical experience on implementing a relevant security standard/platform (ISO 27001, SOC-2, equivalent)
Nice to have
- Data Protection experience / certifications (CIPP, CIPM)
- Application security / pentesting experience
- Cloud Infrastructure experience
- The chance to work with a very knowledgeable, high-achieving, and fun team
- An international, diverse, fast-paced, and results-oriented work environment
- The opportunity to work remotely, with a flexible work schedule
- A competitive salary
- Bi-annual company retreats in sunny locations (currently remote, but we’ll resume as soon as traveling restrictions allow it)
If this role excites you and sounds like a great fit, please apply below!