Lendo is one of the most successful Fintech companies in Sweden and are present in Norway, Finland, Denmark, Poland and Austria. And we continue to expand in to new markets, do you want to take part in this extremely fast-paced and exciting journey?Lendo Data Security Specialist
will act as a center of excellence, working in the tech department and across Lendos business to protect data security and operations. The role needs to balance security with business agility, to drive strategic, tactical and operational improvements to meet the security governance challenges of today and the future. The role is wide and you will be very hands on as well as strategic. Since the role is new you will be a big part of forming it together with your manager.What you will be doing
How will you be doing this
- Security evangelist across Lendo to promote, change and integrate security governance across Lendo business and operations
- Plan and implement security assessments and audits aligned to risk priorities to most effectively manage business risks, lead and drive the changes needed.
- Create, deploy and acquire appropriate security awareness content and courses to raise and improve overall security awareness aligned to applicable audiences, from developers to general employees
- Work with Access Management, Business Continuity, producing and implementing security policies.
- Act as Privacy Lead for all Lendo companies and ensuring compliance with GDPR requirements, working closely to Schibsted Privacy office.
- Maintaining a Data inventory
- Performing Data Privacy Impact Assessments
- Manage Data processing agreements with vendors
We think you have the skills and experience from
- You will be the specialist and "go to person" regarding Data Security and GDPR at Lendo but you will be working close to the developers and SRE team as well as the Product Managers, Privacy office and Security forums within Schibsted.
- Bring your own unique skill set to the table and collaborate with others to accomplish your goals.
We enjoy working with people who are
- Working over 3 years in a security role
- Working with GDPR
- Working application security expertise across cloud IaaS and SaaS environments, including direct security management experience with AWS, Google or Azure
- DevSecOps knowledge and implementation expertise, inclusive of automation of vulnerability scans and security compliance tools
- Diverse security expertise from legacy data center environments to container orchestration
- Working practical knowledge of full security suite of controls from identity access management across network and application security with both on-premise and SaaS-based application solutions
- Familiarity with operations and security technical compliance maintenance of IAM, PAM, SDP, IDS/IPS, HIPS, WAF, SIEM, DLP, UEBA/CASB or similar security technologies
- CISSP certification is a plus.
- Excellent communications skills with an entrepreneurial spirit
- Ability to proactively solve problems and react to security challenges in real-time
- Excellent skills in spoken and written English
- Bachelor's degree in computer science or equivalent
- Positive and has a can-do attitude
- Prestigeless in communication towards business and tech teams.
- Solution oriented and self driven
- Deeply interested and curious in the technology space of data security
- Super central location with awesome rooftop
- Weekly training hour
- Extra paid parental leave
- 4 000 SEK health promotion allowance
- Company pension (ITP plan)
- Share saving & matching plan (ESSP)
- Schibsted LearningLab - Personal development