Logo-of-Pliant-hiring-for-jobs-in-Finland-on-GrabJobs

Information Security Manager (GRC Engineering) (m/f/d)

Job Description - Information Security Manager (GRC Engineering) (m/f/d)

ABOUT US

Pliant is a European fintech specializing in B2B payment solutions. Our modular, API-first platform helps businesses streamline spending, improve cash flow, and integrate payments into their financial workflows. Designed for industries with complex payment needs, such as travel and fleet, Pliant enables greater efficiency, control, and profitability.

We serve two primary customer segments:

  • Companies looking to optimize operational processes through intuitive apps and APIs, gaining control, automation, and financial flexibility through extended credit lines.

  • Businesses such as financial software platforms, ERP providers, and banks that want to launch or enhance their credit card offerings using Pliant’s embedded finance and white-label solutions.


Founded in 2020 and headquartered in Berlin, Pliant supports over 4,000 businesses and more than 20 partners globally. As a licensed e-money institution (EMI), we issue credit cards in 11 currencies across more than 30 countries, helping companies streamline and simplify payments.

Learn more at www.getpliant.com

ABOUT THE ROLE

We are built AWS-native and audited against SOC 2, PCI DSS v4.0.1, HIPAA, and DORA. We run compliance like we run infrastructure: instrumented, automated, and owned by people who can read a log before they write a policy.

We're looking for an Information Security Manager (m/f/d) with a builder's mindset who happens to specialize in compliance, not a policy writer who happens to use a compliance tool. You'll own SOC 2, PCI DSS, HIPAA, and DORA end-to-end, and you'll do it by building automation, not by chasing screenshots.

They will report directly to the CISO in a growing team and be open to working with our team in our office in Helsinki (hybrid).


WHAT YOU`LL DO

  • Build automated evidence pipelines against AWS, IAM, and our security stack (AWS, Wiz, Vanta, SentinelOne, Datadog), control monitoring that runs itself, maturing security and compliance status.

  • Integrate compliance checks into CI/CD so drift gets caught before an auditor does.

  • Extend our compliance automation platform (Vanta) with custom integrations where the defaults don't cover our control set.

  • Own the security & compliance program (ISO 27001, SOC 2 Type 2, PCI DSS v4.0.1, HIPAA), audits, scoping, control testing, QSA/auditor relationships, risk register.

  • Turn regulatory requirements into engineering-consumable specs and tickets, and track them to closure.

  • Run vendor/third-party risk under DORA; support incident response from the compliance side.

WHAT YOU`LL BRING

 
  • 3+ years in security compliance, with real ownership of at least one full SOC 2 or PCI DSS audit cycle.

  • Experience of working with Tech and engineering teams

  • Working knowledge of at least two of: SOC 2, PCI DSS, HIPAA, DORA, applied to a real environment, not textbook.

  • Experience managing external auditors/QSAs through to a delivered report.

  • Excellent written communication, you'll write for engineers, auditors, and executives in the same week.

  • Comfortable owning ambiguity with a small team behind you, not a large one.

Nice to Have

  • Experience at a regulated fintech, EMI, PSP, or bank.

  • CISSP, CISA, CISM, or ISO 27001 Lead Auditor/Implementer.

  • Experience with LLM-based tooling for security/compliance workflows.

Why This Role

The foundations are already built. The mandate now is to make the next stage, GRC Engineering and real control automation. Direct access to the CISO, real autonomy, and a genuine say in security strategy.


WHAT WE OFFER

  • The opportunity to work in a growing team with big responsibilities that thrives on a strong exchange of knowledge and excellence

  • Attractive remuneration

  • Your choice of preferred OS, Windows or Mac

  • Flat hierarchy and transparent communication in a relaxed, professional atmosphere

  • Opportunity to develop your talent in a dynamic team with ambitious goals

  • Flexibility and possibility to work remotely

  • Company card with a monthly allowance for lunches, coffee, etc. with co-workers


At Pliant, we believe diversity and inclusion are essential to building not only an innovative product but also an exceptional experience for both our customers and our team. This commitment begins with our hiring process—we welcome individuals of all racial and ethnic backgrounds, religions, national origins, gender identities or expressions, sexual orientations, ages, marital statuses, and abilities. If you require accommodations or accessibility support during the interview process, please let us know in your application so we can make sure your experience is seamless.





Original job Information Security Manager (GRC Engineering) (m/f/d) posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Share Job
Share Job

Similar Information Security Manager Jobs in Finland

GrabJobs is the no1 job portal in Finland, connecting you to thousands of jobs fast! Find the best jobs in Finland, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.