Intergiro is a Swedish FinTech company with a purpose - we’re here to help businesses grow.We are looking for an Information Security Officer to our HQ in Stockholm or someone to work for us remotely. The person must be citizen or resident of Sweden, Norway, Denmark, Finland, Germany, Netherlands, Portugal (Lisbon), UK or Ireland  

Role Description

The Information Security Officer (ISO) provides the vision and strategies necessary to ensure the confidentiality, integrity, and availability of electronic information by communicating risk to senior administration, creating and maintaining enforceable policies and supporting processes, and ensuring compliance with regulatory requirements.

To support these activities, the ISO coordinates activities with other services, including the evaluation, procurement, and deployment of security-related products and develops and coordinates information security awareness and education programs. Additionally, the ISO ensures that system-wide disaster recovery and incident response plans are in place.

Experience and Qualifications:

• Education: Bachelor’s degree is preferable.


• At least 8 years of varied experience within Information Technology


• At least 2 years of direct experience in information security-related duties


• Experience with computer and networking infrastructure including operating systems, network troubleshooting, firewall administration, Kubernetes configuration, network protocols, routers


• Experience in working with corporate functions and processes including project management, regulatory compliance, risk management, information security policy, and providing training.

Skills:

• Ability to understand hardware and software systems


• Ability to maintain confidentiality in regard to information processed, stored, or accessed by the company’s information systems


• Ability to manage multiple concurrent projects and to reason analytically


• Ability to work with and train people possessing differing levels of technical knowledge


• Effective English verbal and written communication skills and proficiency in writing technical documentation

Essential Duties and Responsibilities:

• Creates information security strategies, both short-term and long-term, in support of the company’s goals and strategies.


• Directs an ongoing, proactive risk assessment program for all new and existing systems and remains familiar with the company’s goals and business processes so effective controls can be put in place for those areas presenting the greatest information security risk.


• Communicates risks and recommendations to the CIO and wider exec team, to mitigate risks by communicating in non-technical, cost/benefit terms and in a format relevant to senior administrators, so decisions can be made to ensure the security of information systems and information entrusted to the company.


• Oversees all ongoing activities related to the development, implementation, and maintenance of the company’s information security policies and procedures by ensuring these policies and procedures encompass the overall security of electronic information at rest or in motion within our environment, assisting all service in local process and procedure development, ensuring alignment to company and regulatory policies.


• Assists all services within the company to ensure regulatory compliance in the area of PCI DSS, GDPR and any other compliance areas that apply over time.


• Ensures vulnerabilities are managed by directing periodic external vulnerability scans of our external facing servers and services.


• Develops information security awareness training and education programs for company staff and contingent workers and participates in awareness and education events, as appropriate.


• Evaluates security incidents and determines what response, if any, is needed and coordinates responses, including technical incident response teams, when sensitive information is breached.