Information Security Officer

at  Rydoo

We are Rydoo! Europe’s fintech scale-up that makes spend management the easiest part of your day.
Spend management has been too complicated for too long. Rydoo’s app backed with OCR technology helps our clients save time and money with just a few clicks & photos.
We are building a new generation of spend management software with a product-first approach that our end-users truly benefit from.

REQUIREMENTS

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 2+ years of experience in information security, IT or audit, preferably within a SaaS environment.
• Working proficiency in English.
• Experience managing ISO, SOC 2, and PCI audits, with a deep understanding of the requirements and processes involved.
• Experience managing penetration tests to identify and address vulnerabilities.
• Strong experience in managing IT security incidents and working with security technologies (firewalls, IDS/IPS, web application firewalls, vulnerability management tools).
• Strong understanding of GDPR requirements. Knowledge & understanding of relevant legal & regulatory requirements.
• Strong leadership and communication skills, with the ability to educate and persuade a diverse audience.
• Excellent analytical, problem-solving, and risk assessment skills with a methodical and rigorous approach.
• Ability to work autonomously and lead cross-functional initiatives.

PREFERRED SKILLS:

• Experience in working in the SaaS industry is a big plus!
• Familiarity with the Azure cloud environment.
• Soft skills: autonomous, analytical, persuasive, dynamic, and flexible with leadership capabilities.

THE ROLE

To support our growth, we are looking for an experienced Information Security Officer who will be responsible for the security, confidentiality, integrity, traceability, and regulatory compliance of Rydoo’s systems and data. You will drive the implementation of security strategies, policies, and processes, with a focus on application and customer security. You will also oversee the management of key security audits, including ISO, SOC 2, and PCI compliance, ensuring that Rydoo meets the highest security and regulatory standards. This is a key role that involves working with internal and external stakeholders to ensure our business is robust and continuously evolving.

KEY RESPONSIBILITIES:

• Develop and enforce security policies and procedures aligned with industry best practices.
• Conduct security awareness training to mitigate IT risks like phishing and data breaches.
• Communicate and enforce security policies and procedures to relevant stakeholders and ensure proper implementation across all departments.
• Manage external suppliers and ensure security provisions in contracts.
• Oversee audits for ISO, SOC 2, and PCI compliance and ensure implementation.
• Lead security incident response and post-incident reviews.
• Track key performance indicators (KPIs) and review security measures with IT stakeholders.
• Stay informed on emerging security threats and implement proactive solutions.