Cyber Security Program Manager

  • Copenhagen, Denmark
  • Full-time
  • Department: Product & Engineering

Company Description

Have you ever worked for a company that actually wanted you to bring your whole self to work every single day?

About Tradeshift
Tradeshift is a unicorn in the fintech industry. We are disrupting a typically stagnant environment by connecting companies of all sizes and providing them with the platform and network needed to create value from old processes like procurement, invoicing, payments, and workflow. We recognize that business is both messy and social - two revelations that have driven the development of Tradeshift, a platform for all your business interactions.

Security Team 
Our team holds automation as the key to scalable compliance and in finding positive business outcomes, instead just saying “No”. We don't “check the boxes” as a way to manage compliance and security - we get creative and build scalable solutions. We're looking a forward-thinking individual who is comfortable getting their hands dirty and is excited to collaborate with a team of diverse technical talents.

Job Description

Role
The information security and compliance teams within Tradeshift partners across the company to help teams understand and mitigate risks related to information security and data protection. We have a robust security program with SOC 1 Type II, SOC 2 Type II, ISAE 3402 Type II, ISO 27001 and PCI Level 1 compliance and look towards a continuous improvement mindset in everything we do.

What a day is like:

  • You will be responsible for understanding cyber security as a whole over the entire enterprise including product and application security, web and user interface security, customer data protection, data backup and disaster recovery, as well as all matters for in house IT system security
  • Proactively seek out potential security risks and vulnerabilities across the entire organization independently and without guidance. You will lead existing and new initiatives related to security and data protection, assisting with security incident detection and response
  • Lead a cross functional project team of IT Security, compliance and risk specialists to resolve issues identified proactively to prevent potential intrusions, hacking, malware, data theft, proprietary product theft or tampering
  • Continuous improvement of security systems and training for yourself as well as for members of your team to remain cutting edge in matters of IT Security across all systems
  • Build controls and policies where needed with automation and code-as-policy always being the preferred solution
  • Work with existing and new customers to answer any security related questions
  • Maintain the CyberSecurity program in an “Audit ready” state, and lead audit preparedness for the Cybersecurity program for matters of compliance, risk, and investor reporting

Qualifications

You’re perfect for this role if you:
Hold a 4 year degree in computer science or related degree with 4+ years' experience working on IT security projects and you're comfortable speaking about PKI, encryption, systems (ideally Linux ones) and AAA. You're biased toward quick action, while also open to new ideas. 

You also have:

  • Project management experience in IT Security, Application Security  and SAAS/Cloud Security leading small teams from inception to launch
  • Strong risk management and IT security skills
  • Familiarity with GDPR requirements
  • Experience with both auditing and engineering is a big plus
  • CISSP certification is preferred
  • Theoretical and practical knowledge around securing systems
  • Proficiency in working in a cloud driven environment
  • In-depth knowledge of IS management
  • Working knowledge of Security & Compliance & Data Protection frameworks/standards, i.e. SOC 1 / SOC 2, ISO 27001
  • Project leadership expertise in OWASP and web based application security issues
  • Working knowledge of data warehousing and back up, disaster recovery and preparedness, server security and firewalling, data encryption and hashing.

Additional Information

Location
Our office in Copenhagen has a palpable excitement that stems from the constant change that keeps everyone on their toes. Each employee has a voice, and their hard work pays off. No good work goes unnoticed. 

Culture 
Our culture began day one when three Danes poured their brains, heart, and guts into creating a platform that could connect every business in the world. We expect each employee to approach their work with the same amount of pride and passion. One day you might find us having a ping pong match in the middle of the work day, and then you’ll find us handing off projects to colleagues in different time zones so we can continue progress around the clock. 

TradeShifters come from various backgrounds and nations, and we all thrive off challenging the status quo. We take pride in nurturing employee happiness, encouraging personal development, and welcoming teammates from all walks of life.

We value diversity and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Why you might like working here:

  • You love autonomy and the freedom to get your work done how you want 
  • You like sharing your opinions and feeling like they matter
  • You want to work for a company that requires you to bring your whole self to work every day: brains, heart, and guts
  • Ambitious international startup
  • Career and professional development opportunities
  • Large office that provides caters to many different work-environment preferences 
  • Flexible work hours
  • Mobile phone plan and at home internet
  • Lunch and snacks daily with drinks
  • A competitive compensation package and equity
  • In-house activities like yoga
  • Opportunity to join many fun, varied company events like happy hours, hackathons, family holiday parties, and many more.
Privacy Policy