Security Officer

Sambla Group is a fintech company with a clear goal – to make loans better for all. We need you, your ambition and your skills on our journey. We have become the fast-growing fintech company that we are today - bridging the gap between borrowers and lenders - thanks to all the 300+ amazing people who work here.

Our success is the result of the commitment to deliver the best customer journey and consumer finance products in the industry. Our vision is to democratize lending and empower customers to improve their personal finances. Through our well known brands such as Sambla, Advisa, Rahalaitos, Omalaina, Rahoitu and DigiFinans we support customers in consolidating and getting the best terms on their loans.

At Sambla Group, we believe that a robust security posture is key to our success. As the Security Officer, you will help ensure we meet and exceed all security requirements, empower teams to adhere to best practices, and instill a strong culture of security awareness. Join us in our mission to maintain a competitive edge in FinTech security and make a meaningful impact on our organization.

In this role, you will evaluate and challenge our current security measures to identify areas for improvement. Your responsibilities will include:

• Setting and enforcing security protocols across all teams and processes.
• Conducting operational security activities such as vulnerability scanning, penetration testing, and vendor assessments.
• Continuously assessing and refining our security-related processes, procedures, and tools.
• Leading training initiatives to develop a culture of security awareness within the organization.
• Monitoring industry trends and threats, providing valuable insights into new technologies and strategies.
• Conducting security audits and preparing comprehensive reports for leadership.
• Collaborating with various departments to align security efforts with our organizational goals.

We are looking for a candidate with former experience in cybersecurity roles, ideally in FinTech or regulated industries. You should bring:

• Strong technical proficiency with a solid understanding of TCP/IP, firewalls, VPNs, and network architecture.
• Experience with operating systems such as Windows, Linux, and MacOS.
• Familiarity with security technologies like Intrusion Detection and Prevention Systems.
• Skills in risk assessment frameworks like NIST or ISO 27001.
• Incident response experience, particularly in forensics and remediation.
• Knowledge of regulatory requirements such as GDPR, DORA, and NIS2.
• Relevant certifications, including CISSP, CISM, CEH, or CompTIA Security+.

While not mandatory, experience in Security Engineering within DevSecOps environments and knowledge of disaster recovery and business continuity planning would be advantageous. A degree in Computer Science or a related field is expected.

What we offer:

• Business in mind & people at heart – we deliver results together and celebrate our achievements.
• A varied and challenging role in a multinational and highly innovative company, where we value the development of our employees
• We are strong believers in creating a fun workplace where people enjoy coming to work.
• A friendly culture with openness and respect for one another, with the possibility to influence and make a difference on society and people’s everyday lives.
  
  Please note!
  As part of our efforts to foster an unbiased recruitment process, we kindly encourage you to not include picture, gender, ethnicity, religion, disability, sexual orientation or age in your CV.