Title: Information Security Officer Location: Stockholm, Sweden Workplace: hybrid Category: EU Security & Tech Foundation Job Description: WHO WE ARE At Trustly, we're building a smarter, faster, and more secure financial future by revolutionizing the world of payments. As a global leader in Open Banking Payments, we are establishing Pay by Bank as the new standard at checkout, providing unparalleled freedom, speed, and ease to millions of consumers and merchants worldwide. Our Ambition: To build the world’s most disruptive payment network and redefine what the payment experience should feel like. Trustly is a global team of innovators, collaborators, and doers. If you are driven by a strong sense of purpose and thrive in a dynamic, entrepreneurial, and high-growth environment, join us and be part of a team that’s transforming the way the world pays ABOUT THE TEAM The Security team is Trustly's first line of defence. We do the hands-on security work - running risk assessments, reviewing vendors, maintaining policies and procedures, driving business continuity and disaster recovery, and making sure security is embedded in how Trustly builds and operates its products. We work closely with engineering, legal, finance, risk & compliance, HR and senior leadership, and partner with the second line for governance and oversight. ABOUT THE ROLE We are looking for an experienced Information Security Officer to join the Information Security team, reporting to the Director of Security in Stockholm. The role sits in the first line of defence, meaning you will be directly responsible for executing and operating security activities - not just governing or overseeing them. You will work across the full breadth of the role — owning and driving security governance, risk management, third-party oversight, business continuity, compliance and awareness. You will be expected to work independently, influence decisions across teams, and improve how we operate. At the more senior end, you will help shape security strategy and act as stand-in for the Director of Security when needed. What you'll do - Develop, maintain and communicate Trustly's information security framework (ISMS), including instructions and routines aligned with regulatory requirements and industry standards - Lead information security risk assessments, define and track risk treatment plans, and keep the risk register current - Assess the security posture of third-party vendors and partners during onboarding and through ongoing oversight, define contractual security requirements, and drive remediation of gaps - Ensure business continuity, disaster recovery and crisis management capabilities meet regulatory requirements and are regularly tested - Define and maintain security controls across areas such as access management, internal fraud prevention, monitoring and segregation of duties - Ensure compliance with applicable regulatory requirements, contractual obligations and industry standards; coordinate and support internal and external audits and certifications - Respond to customer due diligence requests, security questionnaires and supplier assessments - Promote security awareness across the organisation through training, communication and guidance - Manage the security incident process and the exception and risk acceptance process, ensuring deviations are documented and approved at the right level - Act as stand-in for the Director of Security when required Who you are - 5+ years of experience in information security, with a focus on governance, risk management or compliance - ideally in regulated financial services or payments - Experience leading and building a team(s) and/or larger projects - Strong working knowledge of ISO/IEC 27001 - Familiarity with frameworks such as NIST CSF will be considered as beneficial - Practical experience translating regulatory requirements (e.g. any regulations and standards such as DORA, NIS 2, PSD2, EBA guidelines) into policy and process - Proven experience with third-party risk management across the vendor lifecycle - Excellent written and verbal communication - you can write a clear policy, present to an all-hands audience, and advise senior leadership with equal ease - Comfortable driving cross-functional initiatives and influencing stakeholders at all levels - If you hold one or more relevant certifications (active or expired) such as CISM, ISO 27001 Lead Implementer, CISA, CISSP or similar, this is considered beneficial - Fluent in English, written and spoken. Swedish is a bonus but not a requirement Our Fantastic Benefits (varies by location) 20 to 30 days of holiday to support a healthy work-life balance Monthly team outing allowance to enjoy social events with your colleagues Parental leave top-up additional support for new parents Daily breakfast and on-site perks to make your workday smoother Well being support our health allowance covers gym memberships, massages, and much more to help you feel your best PLUS additional benefits designed to enhance your work-life experience!

• Support the design, implementation, and improvement of security controls across AWS and GCP environments. • Work closely with Development, DevOps/SRE, Infrastructure, and Security teams to ensure secure-by-design practices. • Contribute to automation initiatives, reducing manual processes across the organization. • Take ownership of specific areas of the security landscape as you ramp up in the role. • Assist in evaluating and operating security tools and integrations. • Help document processes, workflows, and security standards. • Collaborate with stakeholders such as TSSI, EGSO, Audit, and Global Security partners.

• Own and evolve parts of the cloud security landscape in AWS and GCP • Integrate security practices into CI/CD pipelines and Infrastructure as Code using Terraform • Drive security automation across environments, reducing manual processes and operational risks • Act as a security evangelist, influencing engineers to adopt secure-by-default practices • Partner with development, SRE, and infrastructure teams to improve security incident management • Support incident response activities, post-incident improvements, and operational readiness • Contribute to security tools, standards, documentation, and continuous improvement initiatives

Role Description We are seeking an experienced Splunk Subject Matter Expert to lead the design, implementation, and optimization of Splunk solutions across security operations and observability domains. This role serves as the technical authority on Splunk architecture, driving enterprise-wide deployments for security monitoring, threat detection, and comprehensive observability across hybrid and multi-cloud environments. Qualifications - 7–10 years experience with Splunk Enterprise, including 3+ in architect or senior admin roles - Deep expertise in Splunk Enterprise Security and SOC solution design - Strong experience with Splunk Observability Cloud including APM, Infra Monitoring, and RUM - Advanced SPL skills including optimized queries, regex, field extraction, and CIM mapping - Experience with Splunk SOAR automation and orchestration - Strong understanding of MITRE ATT&CK, NIST CSF, and Kill Chain methodologies - Experience with PCI-DSS, HIPAA, GDPR, SOC 2, and ISO 27001 compliance monitoring - Knowledge of threat intelligence platforms, IOC management, and threat hunting - Experience with AWS, Azure, GCP native logging, security monitoring, and cost optimization - Understanding of Docker, Kubernetes, microservices, and cloud-native observability - Knowledge of networking concepts, firewalls, proxies, IDS/IPS, VPNs, zero-trust architecture - Familiarity with CI/CD, Terraform, CloudFormation, and DevOps practices - Proficiency in Python for automation, API integrations, and Splunk app development - Experience with Bash or PowerShell for automation and data collection - Understanding of REST APIs, JSON/XML, and web technologies Requirements - Design and implement Splunk Enterprise Security (ES) deployments including correlation searches, notable event management, risk-based alerting, and threat intelligence framework integration - Develop and optimize security use cases covering MITRE ATT&CK tactics, insider threat detection, anomaly detection, and APT hunting - Build Splunk SOAR playbooks for security orchestration, automated response workflows, and cross-platform integrations - Implement User and Entity Behavior Analytics (UBA) to detect insider threats, compromised credentials, and behavioral anomalies - Architect and deploy Splunk Observability Cloud solutions including Infrastructure Monitoring, APM, RUM, and Log Observer - Implement OpenTelemetry instrumentation for distributed tracing, metrics, and correlation across microservices - Build synthetic monitoring and alerting strategies for proactive detection of performance and availability issues - Integrate diverse data sources across AWS, Azure, GCP, EDR tools, firewalls, IDS/IPS, network devices, applications, and databases - Design API integrations, webhook configurations, and custom scripted inputs for specialized collection needs - Implement Splunk HEC with load balancing, encryption, and token governance - Develop custom TAs and applications to extend Splunk capabilities - Lead technical discovery workshops and design target-state Splunk architectures - Develop architecture diagrams, implementation guides, runbooks, and knowledge transfer materials - Provide mentorship on Splunk administration, SPL optimization, dashboards, and alerts - Manage POCs and pilots demonstrating Splunk’s value across security and observability - Serve as escalation point for complex technical and architectural issues Preferred Qualifications - Splunk Certified Architect or ES Certified Admin - Certifications such as CISSP, GCIA, GCIH, GCFA - Experience with Splunk MLTK for anomaly detection and predictive analytics - Experience with managed Splunk services and 24x7 operations - Knowledge of Datadog, New Relic, or Dynatrace - Experience with OT/IoT security monitoring Professional Attributes - Excellent communication skills and ability to translate technical concepts for business stakeholders - Strong analytical and problem-solving abilities - Ability to manage multiple concurrent client engagements - Independent working style with effective collaboration across distributed teams - Customer-focused mindset with a commitment to quality