Skip to main content
S

Chief Information Security Officer

Sympa

Location

Espoo, Uusimaa, Finland

Salary

Not specified

Type

fulltime

Posted

Today

via linkedin

Job Description

Looking for an opportunity to shape, improve, and scale security, compliance, and IT in a growing SaaS company?

At Sympa, information security, compliance, quality, and IT are closely connected to how we operate as a SaaS company and how we build trust with our customers.

We are looking for a hands-on Chief Information Security Officer (CISO) to lead Sympa’s information security, compliance, and quality governance, while also owning our internal IT services and office IT environment, as we continue to grow as a SaaS company.

Location: Espoo, Finland (Hybrid)

Type: Full-time, permanent

Starting date: August-September 2026

For over 20 years, Sympa has helped some of the largest companies in the Nordics put people at the centre of their strategy. Today, we support close to 1,000 customers and continue to invest in our platform, people, and ways of working.

As part of our continued growth, we are now looking for a hands-on Chief Information Security Officer (CISO) who will report to the CTO and help strengthen and evolve our security, compliance, quality, and IT capabilities while ensuring they continue to support the needs of our business, customers, and employees.

Information security and quality are central to our customer promise. Sympa is ISO 27001 and ISO 9001 certified, and this role plays a key part in maintaining and continuously improving our governance, controls, and operational excellence while supporting future compliance initiatives.

This is a broad CISO and IT role combining CISO responsibilities with ownership of internal IT and compliance governance. You will have the opportunity to shape Sympa's security, compliance, and IT capabilities while working closely with teams across the company to turn ideas, plans, and requirements into practical solutions and measurable improvements.

You will influence long-term direction while remaining closely involved in implementation, operations, and day-to-day decision-making. You will work closely with Engineering, Product, Legal, Sales, Customer Success, HR, Finance, and the Leadership Team while leading a small team responsible for Security, Compliance, and IT.

What you will do

As CISO, you will own and continuously develop Sympa's information security, compliance, quality, and internal IT capabilities.

Your responsibilities include:

  • Leading Sympa's information security strategy, governance model, policies, controls, and risk management practices
  • Owning and continuously improving our ISO 27001 and ISO 9001 management systems and certifications
  • Driving security, compliance, audit, and continuous improvement initiatives across the company
  • Leading information security incident management, awareness activities, and risk treatment processes
  • Owning the direction, governance, performance, and budget of Sympa's internal IT services and office IT environment
  • Ensuring secure, reliable, and cost-effective end-user services, identity and access management, business systems, devices, and collaboration tools
  • Working closely with Engineering and Product teams to support secure software development, cloud security, vulnerability management, and compliance
  • Supporting customer security reviews, audits, tenders, and contract discussions
  • Maintaining customer-facing security and compliance documentation and assurance materials
  • Managing supplier and vendor security governance
  • Leading, coaching, and developing the Security, Compliance, and IT team
  • Building a culture of security, quality, accountability, and continuous improvement across Sympa

What do we offer?

Sympa combines the agility of a growth company with the stability of an established SaaS business. In this role, you will have real ownership, visibility, and influence over how security, compliance, quality, and IT evolve across the organization.

For the right person, this is an opportunity to step into a broad CISO and IT role with real ownership and the ability to leave a lasting mark on how a growing SaaS company operates. You will work closely with teams across the business, help shape key decisions, and contribute to building scalable ways of working that support both our customers and our future growth.

You will join an experienced and collaborative international environment with high ownership, low hierarchy, lunch and cultural benefits, and support for continuous learning and professional growth.

What do we value in our candidates?

We are looking for a builder-minded, hands-on leader who is excited by the opportunity to shape, improve, and scale security, compliance, and IT in a growing SaaS company.

You enjoy building as much as leading. You get energy from improving how things work, solving problems, helping teams succeed, and turning ideas into practical outcomes that support business goals.

You are comfortable moving between strategic discussions, customer conversations, audits, incidents, operational decisions, and improvement initiatives. You understand how to adapt your approach based on what the business needs most at a given moment.

You enjoy environments where progress comes through collaboration, initiative, and personal ownership rather than large teams or complex organizational structures.

The following skills and experience are needed to succeed:

  • Hands-on technical understanding and willingness to stay close to implementation and operational realities
  • 8\+ years of experience across information security, risk management, compliance, IT, or related areas
  • Experience in senior security, compliance, IT, or technology operations leadership role
  • Strong hands-on knowledge of ISO 27001 and ISO 9001 management systems, audits, controls, and continuous improvement
  • Strong communication skills in Finnish and English, both written and spoken
  • Good understanding of security frameworks and regulations such as ISO 27001, NIST, GDPR, SOC 2, CIS Controls, or similar
  • Experience leading enterprise IT services, identity and access management, end-user services, supplier management, budgeting, and procurement
  • Experience working in SaaS, cloud, software product, HR tech, or other technology-driven environments
  • Understanding of cloud platforms, secure software development, CI/CD practices, vulnerability management, and product security
  • Experience managing teams, coaching people, and driving cross-functional initiatives
  • Experience supporting customer security reviews, audits, tenders, and assurance processes
  • Proven ability to operate effectively in environments where leaders are expected to combine strategic ownership with practical execution
  • Degree in Computer Science, Engineering, Information Systems, Business Administration, or equivalent practical experience
  • Professional certifications such as CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor, or similar are considered an advantage

Interested?

Great! Send us your application via the system and tell us more about yourself. The position will be filled as soon as we find the right candidate.

If you have questions about the role, feel free to contact the hiring manager:

Arttu Heikkilä

CTO

[email protected]

Looking for more opportunities?

Browse thousands of graduate jobs and entry-level positions.

All JobsSoftware Engineer JobsData Scientist JobsCareer Tips
Browse All Jobs
More JobsApply Now