Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Helsinki (Hybrid), Eteläesplanadi 24, on-site 3 days /week
Reports to: Founder & Chief Technology Officer
Type: Full-time, permanent
Zevoy is a fast-growing fintech modernising spend management with smart payment cards and advanced financial tools. We operate as an EMI regulated by the FIN-FSA, serve customers across the EU, and are ISO/IEC 27001 certified. With ~40 people on the team, we move quickly, keep bureaucracy light, and expect leaders to be hands-on, from small fixes to big strategic initiatives.
We’re hiring an Information Security Officer to own Zevoy’s security posture end-to-end and take it to the next level. This is a builder role: you'll shape the function, roll up your sleeves, implement controls, and partner closely with product, engineering, operations, compliance, and leadership. This role suits someone with 3–5 years in security, risk, or compliance who’s ready to step into broader ownership in a high-growth fintech.
- Own and evolve the ISMS: maintain and improve our ISO/IEC 27001-aligned information security management system.
- Lead information security risk management: run risk assessments, own the risk register, drive treatment plans, and report to leadership.
- Audit & assurance: plan and execute internal audits; coordinate external audits and surveillance audits for certifications.
- Security operations: guide incident response (prepare, detect, contain, recover), lead post-mortems, and drive improvements.
- Secure delivery: embed security in SDLC, change management, and release processes; champion practical, developer-friendly controls.
- Vendor & third-party risk: Run due-diligence, onboarding, and continuous monitoring.
- Compliance partner: Collaborate with Compliance to ensure alignment between information security and data protection frameworks
- Hands-on enablement: From access reviews to asset inventories—you’ll do what’s needed to keep us safe and compliant.
- System administation: including for example mobile device management & network security
- 3–5 years in information security, risk, or compliance (fintech, SaaS, or audit background is a plus)
- Working knowledge of ISO/IEC 27001, risk management, and security controls; familiarity with other regulatory frameworks of the financial sector (e.g. GDPR, DORA, NIS2, EBA ICT Guidelines) is a plus.
- Comfort operating hands-on in a lean environment while setting strategy and priorities.
- Clear communicator who collaborates well with both technical and non-technical teams.
- Excellent English; Finnish is a plus (not required).
- Join one of Finland’s 100 fastest-growing fintechs expanding across the EU.
- Own the whole security stack and grow your scope as we scale.
- Hybrid work: 3 days/week at our new central Helsinki office.
- An international culture that values impact, ownership, and winning together.
We’re moving quickly and will hire as soon as we meet the right person, so please send in your application through our own careers site if you believe this job is for you!
Key Skills
Ranked by relevanceReady to apply?
Join Zevoy and take your career to the next level!
Application takes less than 5 minutes