Hey there, great that you found our job description for Information Security Officer.
We are looking for a curious and proactive person to drive the overall information security management within Enfuce and to develop it further. You will be in a key role in building trust by systematically managing information security controls appropriate to risk.
If you have a great track record in building and managing information security, as well as interest in developing your skill-set in a high-growth and technology-driven environment, please read on, because chances are that we should have a chat.
Why we exist
We believe that us humans can make a positive impact in the world, if every company and everyone has access to user-friendly, sustainable, reliable and secure payment services wherever they are. Ever since Enfuce was founded in 2016, we’ve revolutionized the industry by making payment services available for more companies and their customers.
How we do it
New payment technologies are taking an ever stronger foothold in all businesses. But to us, it’s not just about the tech, but the people behind it. We are a diverse group of 140+ people who are extremely talented, experienced and skilled in all aspects of payments, driven to help our customers build payment services that their customers trust and love.
What we do
We build innovative, relevant and safe cloud-based Payment, Open Banking and Sustainability services. Our customers range from start-ups to global enterprises. The cloud-based services we provide are fast to implement, easy to use, fully compliant and authorized by the financial authorities.
WHAT IS THE ROLE ALL ABOUT?
The key purpose of the Information Security Officer is to systematically manage and develop information security within Enfuce. This includes driving the implementation of appropriate information security controls relevant to the applicable business risk.
As a cloud native organisation, we strive to cutting edge technology and solutions while at the same time ensuring compliance, security and operational excellence. At Enfuce, Information Security Officer is part of our Legal, Compliance and Risk team, which is the team managing our compliance with legal and industry requirements as well as risks related to our business overall. Moreover, the Information Security Officer will work in close cooperation with all parts of the organisation, including management and technical experts.
While you will be expected to be able to perform your duties mostly independently, you won’t be alone. You will work closely with our Data Protection Officer, General Counsel and risk management experts who will support you with company principles and guidelines to effectively execute your role. You will also have the support of key technical and industry experts in the group that will support your industry and company knowledge to give context and specifications in the assessment and implementation of your work.
Your responsibilities include:
- Managing and continuously developing information security overall within Enfuce
- Developing and managing of an information security management system (ISMS)
- Ensuring Enfuce’s continuous compliance with PCI standards (PCI-DSS and PCI-3DS), other standards and industry best practices
- Owning and advising on the yearly PCI-x re-certification projects
- Owning and implementing information security training and awareness campaigns across Enfuce
- Owning (documenting, updating, and promoting) relevant policies, guidelines and procedures
- Coordinating activities related to information security assessments, audits and testing
- Developing information security within Enfuce’s operations.
What we look for:
- Solid knowledge of and 5+ years of working experience with information security
- Bachelor’s degree or higher on a relevant field of study
- Knowledge and working experience with relevant information security standards, such as ISO/IEC 27001, PCI-DSS and PCI-3DS
- Project management skills
- Understanding of both administrative and technical aspects of information security
- Experience on working with vendors, including vendor risk management
- Hands-on attitude and ability to execute while keeping the big picture in mind
- Excellent English language and presentation skills to be able to collaborate with different stakeholders in an international company
- Previous experience on working within the payments or financial industry is a plus
- Curiosity and willingness to develop yourself and the company further
- Eagerness to take responsibility for your part in the Enfuce journey
At Enfuce we can offer you:
- Utilizing the latest technologies in AWS and cloud native tooling
- Working in an agile environment where the teams are free to make technical decisions and decide what technology best works to solve the problem at hand
- Plenty of room for personal growth within information security as well as within the company
- Along with salary and other perks & benefits, we offer ESOP – incentives to share the success
Our culture and leadership can be summed up as focused on ownership, responsibility and solution orientation. This is a permanent position located at either our Espoo or Mariehamn Offices, or remotely if you are located elsewhere in Europe.
HOW TO APPLY?
If you feel you’ve got the attitude needed for the opportunity, we would absolutely love to hear from you!
Just click “Apply for this job” and leave your information – we’ll contact you!