Job Description - Information Security Officer (m/f/d)
ABOUT US
Pliant is a European fintech specializing in B2B payment solutions. Our modular, API-first platform helps businesses streamline spending, improve cash flow, and integrate payments into their financial workflows. Designed for industries with complex payment needs, such as travel and fleet, Pliant enables greater efficiency, control, and profitability.
We serve two primary customer segments:
Companies looking to optimize operational processes through intuitive apps and APIs, gaining control, automation, and financial flexibility through extended credit lines.
Businesses such as financial software platforms, ERP providers, and banks that want to launch or enhance their credit card offerings using Pliant’s embedded finance and white-label solutions.
Founded in 2020 and headquartered in Berlin, Pliant supports over 3,500 businesses and more than 20 partners globally. As a licensed e-money institution (EMI), we issue Visa-powered credit cards in 11 currencies across more than 30 countries, helping companies streamline and simplify payments.
We are currently looking for an Information Security Officer (m/f/d) to join our team and be part of our continued success and growth. Ideally this role will be based in Helsinki, Finland, and will report directly to the Head of Information Security and Operational Risk.
You’ll collaborate with the Head of Information Security and Operational Risk Specialist on a daily basis, and be part of the larger group level Legal & Compliance team. You’ll also frequently work with other internal stakeholders, including Security Engineer, Product and Engineering teams, Legal Counsels, and many others when managing information security related risks, investigating incidents, and designing and improving security measures and controls. You’ll also work closely with our current and potential customers and partners to address any questions or concerns they might have.
WHAT YOU’LL DO
Assist in maintaining the information security policies, procedures and guidelines.
Participate in the operational risk management process to identify, assess, treat and monitor information security risks, including coordinating ISO27001 information security assessment workshops.
Manage information security development projects to improve existing processes, and to develop new ones, including identifying and implementing new approved solutions.
Assess third party service providers in terms of information security risk, mitigations and controls.
Audit security controls and report non-compliance as part of the second line of defence. Assist in auditing the environment against legal and regulatory requirements and industry standards.
Assist with the quarterly information security senior management updates and key risk indicator reporting.
Coordinate information security awareness initiatives.
Support our sales team in customer due diligence processes, including answering information security questionnaires from current and potential customers.
Support internal and external stakeholders in international security related questions.
Participate in internal and external audits, including gathering and presenting evidence, documenting findings, and planning remediation actions.
WHAT YOU’LL BRING
Degree in Cybersecurity, Security & Risk Management, Computer Science, Information Systems, or a related field.
1-3 years of experience in information security management, consulting, or audit
Fluent written and spoken English language skills
General knowledge of information security standards and frameworks, including ISO27001:2022, PCI DSS 4.0.1, and SOC2.
A problem-solving business mindset, with an interest in financial service offerings
Ability to communicate and present topics clearly and effectively in a multicultural environment
Ability to travel internationally, typically once every quarter.
Quick to learn, with the ability to adapt to quickly changing environments.
NICE TO HAVE EXTRA SKILLS
Knowledge/experience in the financial industry, and implementing regulatory requirements in the EU, UK or US, including DORA, Operational risk management, and Outsourcing.
Experience implementing information security standards and controls, including ISO27001:2022, PCI DSS 4.0.1, and SOC2.
Experience in various information security domains, including risk management, business continuity and disaster recovery, threat management, vulnerability management, identity and access management, asset management, secure software development, and cloud security.
Experience in participating in internal and external audits.
Experience in auditing third-party service providers.
Additional languages would be an advantage, especially Finnish or German.
Project management experience.
WHAT WE OFFER
The opportunity to work in a growing team with big responsibilities that thrives on a strong exchange of knowledge and excellence
Attractive remuneration
Flat hierarchy and transparent communication in a relaxed, professional atmosphere
Opportunity to develop your talent in a dynamic team with ambitious goals
Flexibility and possibility to work remotely
Company card with a monthly allowance for lunches, coffee, etc. with co-workers