Job Description

Security & Compliance Lead

Department: IT

Employment Type: Full Time

Location: Bulgaria - Sofia

We’re looking for a Security & Compliance Lead to own and lead our security, risk, and compliance efforts across the organization. As the dedicated leader in this space, you will define the strategy, drive execution, and serve as the central point of accountability for all security and compliance initiatives.

This is a highly cross-functional role at the intersection of governance, regulation, and business operations, requiring strong stakeholder management and the ability to translate requirements into practical, business-ready outcomes. You will work closely with engineering, product, operations, and commercial teams to embed security and compliance into how we operate.

If you're pragmatic, business-focused, and confident driving initiatives and influencing across teams, this role is for you.

In this role you will:

• Lead the development and continuous improvement of the company’s security, risk, and compliance programs;
• Own and manage the SOC 2 Type II audit lifecycle and support future certifications such as ISO 27001;
• Define, maintain, and promote security policies, standards, and best practices across the organization;
• Act as the main point of contact for security and compliance topics in customer and pre-sales conversations;
• Partner with product, engineering, and business teams to ensure security and compliance requirements are understood and embedded in processes;
• Identify risks, track remediation efforts, and maintain an effective risk management framework;
• Oversee security controls and processes to ensure alignment with regulatory and business requirements;
• Report on compliance status, risks, and audit readiness to leadership and external stakeholders;
• Influence and coordinate cross-functional teams to achieve security and compliance goals.

Your profile:

• 5+ years of experience in information security, with a strong focus on compliance and risk management in the technology or fintech sectors;
• Proven experience leading security programs and compliance efforts (e.g., SOC 2, ISO 27001, GDPR, etc.);
• Good understanding of modern software development practices, DevOps, cloud infrastructure (e.g., AWS, Azure), and SaaS operations;
• Exceptional written and verbal communication skills, with the ability to convey complex security topics to non-technical stakeholders and influence sales outcomes;
• Experience engaging with external auditors, regulators, and enterprise customers;
• Comfortable working independently in a fast-paced, resource-constrained environment;
• Adept at building cross-functional relationships and leading through influence;
• Familiarity with security tools such as identity and access management, vulnerability scanners, endpoint protection, and secure SDLC processes.

We offer:

• Flexible work model – work from home, from our welcoming office at Campus X or a mix of both
• Performance-based bonuses that reward impact and results
• 25 days of paid annual leave
• Vacation Hero Days – earn up to 5 extra days off when you take your full annual leave
• 1 additional day off for your birthday
• 2 days off for volunteering
• Up to 15 days of sick leave per calendar year, fully paid at 100% salary coverage
• Premium healthcare and dental coverage
• Co-funded Multisport card
• Food vouchers
• Access to an Employee Well-Being Program
• Long-Term Employee Value Distribution (LEVD) scheme
• Generous refer-a-friend program