Senior IT Security Specialist

Join our Security & IT Governance team at Lendo Group, which focuses on protecting our digital assets and ensuring compliance with industry standards. We are committed to maintaining a secure environment while fostering innovation and growth.

We seek a highly skilled Senior IT Security Specialist to join our team. This role is crucial in implementing robust security measures, ensuring operational security, and advising the Head of Security & IT Governance in maintaining a comprehensive security strategy. You will be instrumental in fortifying our systems and products. You will be conducting security assessments, implementing best practices, and ensuring the integrity and resilience of our digital assets. The position covers all brands within Lendo Group in Sweden, Norway, and Denmark and reports to the Head of Security & IT Governance.

Key Responsibilities:

• Vulnerability management
• Security documentation
• NIST CSF compliance
• Security awareness
• Incident management
• Team advisory
• Security tool management
• Design and develop security strategy
• Security by design

Technical skills:

• Proficiency in vulnerability scanning tools (Wiz, Detectify, Vulcan).
• Strong understanding of NIST CSF and mitigation techniques.
• Proficiency in programming languages.
• Knowledge of Cloud environments (AWS, GCP).

Experience:

• Extensive experience in security roles. Preferably with a background in software development and secure coding practices.
• Hands-on experience with vulnerability management.
• Familiarity with bug bounty programs and security documentation.

Soft skills:

• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• High attention to detail and organisational skills.

Nice to have:

• Relevant security certifications such as CISSP, CISM, or CompTIA Security+ are highly desirable.
• Knowledge of pentesting.
• Experience in writing policies and procedures and performing audits.
• Knowledge of applicable regulations (ISO 2700x, GDPR, PSD2, DORA).
• A good understanding of the cyber security threat landscape.
• Good knowledge of OWASP Top 10.
  
  While a Bachelor's degree in Computer Science, Information Security, or a related field is preferred, we understand that relevant experience can be just as valuable. We encourage candidates with strong practical experience in IT security to apply, even if they do not meet the formal education requirements.
  
  Apply as soon as possible—if the matching candidates apply, we can fill the position before the job ad extends.
  Questions? You are welcome to get in touch with Fredrik Regn, Head of Security and IT Governance, at: fredrik.regn[AT]schibsted.com