
Job Description
ABOUT US
Pliant is a European fintech specializing in B2B payment solutions. Our modular, API-first platform helps businesses streamline spending, improve cash flow, and integrate payments into their financial workflows. Designed for industries with complex payment needs, such as travel and fleet, Pliant enables greater efficiency, control, and profitability.
We serve two primary customer segments:
Companies looking to optimize operational processes through intuitive apps and APIs, gaining control, automation, and financial flexibility through extended credit lines.
Businesses such as financial software platforms, ERP providers, and banks that want to launch or enhance their credit card offerings using Pliant’s embedded finance and white-label solutions.
Founded in 2020 and headquartered in Berlin, Pliant supports over 4,000 businesses and more than 20 partners globally. As a licensed e-money institution (EMI), we issue credit cards in 11 currencies across more than 30 countries, helping companies streamline and simplify payments.
Learn more at www.getpliant.com
ABOUT THE ROLE
We are built AWS-native and audited against SOC 2, PCI DSS v4.0.1, HIPAA, and DORA. We run compliance like we run infrastructure: instrumented, automated, and owned by people who can read a log before they write a policy.
We're looking for an Information Security Manager (m/f/d) with a builder's mindset who happens to specialize in compliance, not a policy writer who happens to use a compliance tool. You'll own SOC 2, PCI DSS, HIPAA, and DORA end-to-end, and you'll do it by building automation, not by chasing screenshots.
They will report directly to the CISO in a growing team and be open to working with our team in our office in Helsinki (hybrid).
WHAT YOU`LL DO
Build automated evidence pipelines against AWS, IAM, and our security stack (AWS, Wiz, Vanta, SentinelOne, Datadog), control monitoring that runs itself, maturing security and compliance status.
Integrate compliance checks into CI/CD so drift gets caught before an auditor does.
Extend our compliance automation platform (Vanta) with custom integrations where the defaults don't cover our control set.
Own the security & compliance program (ISO 27001, SOC 2 Type 2, PCI DSS v4.0.1, HIPAA), audits, scoping, control testing, QSA/auditor relationships, risk register.
Turn regulatory requirements into engineering-consumable specs and tickets, and track them to closure.
Run vendor/third-party risk under DORA; support incident response from the compliance side.
WHAT YOU`LL BRING
3+ years in security compliance, with real ownership of at least one full SOC 2 or PCI DSS audit cycle.
Experience of working with Tech and engineering teams
Working knowledge of at least two of: SOC 2, PCI DSS, HIPAA, DORA, applied to a real environment, not textbook.
Experience managing external auditors/QSAs through to a delivered report.
Excellent written communication, you'll write for engineers, auditors, and executives in the same week.
Comfortable owning ambiguity with a small team behind you, not a large one.
Nice to Have
Experience at a regulated fintech, EMI, PSP, or bank.
CISSP, CISA, CISM, or ISO 27001 Lead Auditor/Implementer.
Experience with LLM-based tooling for security/compliance workflows.
Why This Role
The foundations are already built. The mandate now is to make the next stage, GRC Engineering and real control automation. Direct access to the CISO, real autonomy, and a genuine say in security strategy.
WHAT WE OFFER
The opportunity to work in a growing team with big responsibilities that thrives on a strong exchange of knowledge and excellence
Attractive remuneration
Your choice of preferred OS, Windows or Mac
Flat hierarchy and transparent communication in a relaxed, professional atmosphere
Opportunity to develop your talent in a dynamic team with ambitious goals
Flexibility and possibility to work remotely
Company card with a monthly allowance for lunches, coffee, etc. with co-workers
At Pliant, we believe diversity and inclusion are essential to building not only an innovative product but also an exceptional experience for both our customers and our team. This commitment begins with our hiring process—we welcome individuals of all racial and ethnic backgrounds, religions, national origins, gender identities or expressions, sexual orientations, ages, marital statuses, and abilities. If you require accommodations or accessibility support during the interview process, please let us know in your application so we can make sure your experience is seamless.
Optimize Your Resume for This Job
Get a match score and see exactly which keywords you're missing
Job Details
- Category
- Security
- Employment Type
- Full Time
- Location
- Helsinki, Finland (Hybrid)
- Posted
About Pliant
Customize everything you need to make payments, control spend, and optimize finance operations using one credit card platform. Pliant is a European fintech specializing in B2B payment solutions. Our modular, API-first platform helps businesses streamline spending, improve cash flow, and integrate payments into their financial workflows. Designed for industries with complex payment needs, such as travel and fleet, Pliant enables greater efficiency, control, and profitability. We serve two primary customer segments: - Companies looking to optimize operational processes through intuitive apps and APIs, gaining control, automation, and financial flexibility through extended credit lines. - Companies such as financial software platforms, ERP providers, and banks that want to launch or enhance their credit card offerings using Pliant’s embedded finance and white-label solutions. Founded in 2020 and headquartered in Berlin, Pliant supports over 3,500 businesses and more than 20 partners globally. As a licensed e-money institution (EMI), we issue Visa-powered credit cards in 11 currencies across more than 30 countries, helping companies streamline and simplify payments. Learn more at http://www.getpliant.com/
More Roles at Pliant





Similar Security Roles



Found this role interesting?