Hey, you look like you might be our new ย Senior Information Security Specialist - Governance, Risk & Compliance
Security
Stockholm, Swedenย ยท Helsinki, Finlandย ยท Remote
Full-time
Wolt is looking to expand its Security team by hiring an Information Security Specialist to help us build an even more secure Wolt! Perhaps we could do that with your help? Youโll be joining Woltโs security teamโs Governance, Risk and Compliance (GRC) focus area, developing our information security management system to the next level. At Wolt we believe that you shape your own path and this one in particular can be adjusted based on your prior experience and professional interests expanding the scope of your duties according to your preferences. You will also be supporting and advising different teams in strategic and operational security related matters.
When it comes to the Security Team at Wolt, there are few things that make it quite unique:
โญ๏ธ Weโre a cross-disciplinary team which makes us strong: looking after not only security, but also privacy and physical security and safety
โญ๏ธ We work across the whole company and report to the CEOโs office, so weโre not buried under an organizational silo
โญ๏ธ Weโre a truly a Cloud Native, Zero Trust and DevOps company - so much so that we donโt usually even care about those buzzwords
The Wolt Security team is distributed across several locations, and new team members are welcome to either of our tech hubs located in Helsinki or Stockholm or you can work entirely remotely anywhere in Finland or Sweden.
As an Information Security Specialist youโll be solving these challenges:
๐ You will be responsible for managing and driving improvement of several compliance and governance initiatives at Wolt. These may include initiatives such as upgrading our ISO 27001 program to the latest version or improving the way we do risk management. You will need a big vision and a pinch of design and engineering skills to succeed like a true champion. This will be your most important priority and should consume most of your time.
๐ Youโll ensure that all the periodical milestones and control activities are performed accordingly. One of which is attending to our team efforts in handling and resolving security and privacy events and incidents. This is an important duty, one which will not consume your time too much.
๐ You will be a point of contact for external and internal stakeholders managing our compliance audits and enabling our business. You will convince external stakeholders on Woltโs capabilities to manage their data securely. You will provide security advice for our internal stakeholders such as IT, engineering and product team - always enabling other teams to succeed in their work. Influencing internally and externally is a task you will use time on a weekly basis.
๐ You will play a remarkable role in the team effort of ensuring that we meet our legal and contractual obligations in regards of security and privacy. You'll succeed if your approach is not to do compliance just for the sake of compliance - it's all about enabling the business and making smart control design choices that are scalable and won't overload our team or our main stakeholders unnecessarily.
Our humble expectations
You might be just the person weโre looking for if:
โ You have at least 3 years of experience in GRC security or privacy roles, from consulting or as an in-house expert and have vast experience of cross organizational projects and stakeholder management.
โ Youโre aware of the applicable legislation such as GDPR, NIS2 and DORA and may have worked with some of them earlier.
โ You have solid knowledge and experience in designing and implementing controls from commonly known security frameworks (e.g., ISO 27000 series, NIST, SOX ITGC, SOC 2).
โ Youโre a quick learner and easily adaptable to changes in your work day as the only constant is change.
โ Youโre service-minded. Youโll be collaborating with different stakeholders and functions internally, such as Product and Engineering, Legal, IT and our Payments Institution so this mindset is key. For this, knowledge and experience of modern product development practices and data privacy related projects is a major advantage.
โ Youโre a goal-oriented person, someone who can take ownership of their scope of duties and drive execution of their ideas end to end. Challenging the status quo is always appropriate, accepted and appreciated.
โ Youโre fluent in spoken and written English, which is our company language at Wolt.
Next steps
Apart form solving cool security topics, youโll get to work in a company culture where we take ownership beyond the obvious, do common things uncommonly well, we think big but stay humble, do right by people, we treat others kindly and justly, recognise that if we donโt learn, we wonโt stay still but fall behind, and keep in mind that Luke was Yodaโs greatest achievement.
On top of the benefits, the compensation will be a negotiable combination of monthly pay and DoorDash equity. The latter makes it exceptionally easy to be excited about our company growing and doing well, as youโll own a piece of the pie.
Join us for an exciting journey - we will close the role as soon as we find a suitable candidate, so make sure to apply as soon as you realize you really, really want to join us!
For any further questions about the position, you can turn to Product+ Talent Acquisition Partner - Lina Muncyte (lina.muncyte(at)wolt.com).