Senior Information Security Specialist (Cybersecurity)

TL;DR

Senior Information Security Specialist (GRC): Designing and operating a global compliance change management framework to detect regulatory changes and drive remediation with an accent on security and privacy compliance. Focus on translating complex regulatory requirements into actionable controls and facilitating risk workshops across cross-functional teams.

Location: Must be based in Helsinki, Stockholm, Berlin, or London

Company

A global technology platform providing delivery services for restaurants and various other goods in over 500 cities across 30 countries.

What you will do

• Design and operate a global compliance change management framework to identify security, privacy, and regulatory obligations.
• Lead compliance-impact assessments for new regulations, product launches, market expansions, and technology initiatives.
• Facilitate compliance risk workshops with Engineering, Legal, Privacy, Product, and IT stakeholders.
• Translate complex regulatory and privacy requirements into practical control specifications for technical teams.
• Identify control gaps, assess residual risk, and define remediation plans with clear accountability.
• Support control mapping and harmonization across frameworks such as ISO 27001, SOC 2, NIST CSF, PCI DSS, and GDPR.

Requirements

• 6+ years of experience in GRC, security compliance, technology risk, or IT audit, preferably in a global tech, SaaS, or fintech environment.
• Experience managing or contributing to a global compliance framework or security/privacy management program.
• Proven track record of building or improving compliance change management or regulatory-change processes.
• Strong working knowledge of ISO 27001, SOC 2, GDPR, or CCPA.
• Ability to translate legal and framework requirements into clear, tangible control specifications for engineers.
• Must be based in Helsinki, Stockholm, Berlin, or London

Culture & Benefits

• Entrepreneurial and fast-paced environment where you can build and ship more than in most other companies.
• Strong commitment to diversity and inclusion, empowering teams from all backgrounds and perspectives.
• Opportunity to be part of a highly scalable and reliable global delivery network.