About Avida:

At Avida, we specialize in consumer and SME financing, delivering exceptional customer experiences both digitally and personally. We are currently on an exciting transformation journey. As of January 1, 2025, we proudly completed the acquisition of Santander Consumer Bank's credit card operations in Sweden and Norway, as well as their retail financing business with Elkjøp (Norway) and Elgiganten (Sweden). This milestone brought 450,000 new private customers and nearly 50 new employees into our growing organization.

With our headquarters in Stockholm and offices in Oslo, Helsinki, and Stavanger, Avida now has a team of approximately 210 employees. We are regulated by the Swedish Financial Supervisory Authority (Finansinspektionen) and are committed to shaping the future of finance.

Responsibilities

Information Security Officer (ISO) works closely with CISO and IT management to maintain and improve Avidas IT security architecture, controls and processes. ISO contributes to regulatory compliance and control of cyber risks.

ISO reports to CIO and is part of the IT management team.

The main tasks are stated in the job description, but the employee may be required to perform other tasks than those stated in the job description.

Tasks

• Together with CISO and IT management maintain and improve Avidas IT security architecture, controls and processes
• Manage Avidas ISMS based on ISO 27001
• Assist CIO in maintaining IT policies and security instructions
• On a quarterly basis create status reports for the ARC meetings
• Assist CISO in awareness trainings for the entire company
• In cooperation with CISO and IT management contribute to regulatory compliance (e.g. EBA Guidelines, FI FFFS, GDPR, DORA) within ICT
• Maintain and drive a documented process that ensures regular tests of Disaster Recovery (DR) routines
• Maintain and drive a documented process that ensures regular user access reviews within and outside IT
• Maintain and drive a documented process that ensures regular penetration tests (PEN)
• Participate, facilitate and follow-up on actions from internal, external and cyber security related audits
• In cooperation with CTO, ensure regular tests of the “Riksgälden”-file
• Manage and visualize IT annual wheel which should include regular audits, tests and trainings

Competence

• Minimum of 3 years relevant working experience with Cyber and Information security
• Working experience with operational risks, cyber and information security within the financial sector
• Knowledge of regulatory frameworks such as EBA Guidelines, FI FFFS, GDPR and/or DORA
• Working experience with Cyber and Information Security in Cloud environments
• Working proficiency in English and Swedish (written and oral skills) and experience from presenting summary reports to company management

Characteristics

• Problem solver
• Structured
• Team player
• Integrity

Why Avida?

At Avida, you’ll be part of a team that values innovation, collaboration, and personal growth. We’re on a mission to transform the financial landscape and are looking for talented individuals to help us get there. With a supportive work culture and exciting challenges, this is your chance to make a real impact.

Application Process:

This recruitment is managed by UNQ Recruitment, and we kindly ask recruitment and consulting firms not to contact us directly. All applications and initial interviews will be conducted by them.

If you have any questions about the role, please contact Nina Sejdini via email at [email protected].