
Sumup · Frankfurt am Main
Are you passionate about making an impact through technology and controls? At SumUp, we’re looking for an IT Internal Auditor to strengthen our Internal Audit t...
Are you passionate about making an impact through technology and controls? At SumUp, we’re looking for an IT Internal Auditor to
strengthen our Internal Audit team in Berlin. In this role, you’ll help ensure our IT environment is secure, compliant, and ready
to support millions of businesses worldwide.
SumUp is a leading global fintech company committed to leveling the playing field for small businesses. Since 2012, we’ve been a
trusted partner for over 4 million merchants in 36 markets worldwide. Our mission is to make business simple and affordable by
providing tools that help entrepreneurs get paid, manage finances, and grow their customer relationships.
You’ll be part of our Internal Audit team, reporting directly to the Global Head of Internal Audit. The team plays a crucial role
in safeguarding SumUp’s operations, ensuring compliance with regulatory requirements, and driving continuous improvement across
the business. This role focuses on strengthening our IT audit capabilities— an essential part of our audit plan and risk
management strategy.
requirements
advanced analytics
Nice to have: Professional certifications such as CIA, CISA, CPA, CISSP, CISM, or CRISC; knowledge of data analytics tools.
🌎 Opportunity to work with SumUppers globally on large-scale fintech products used by millions of businesses worldwide, from our
Berlin office. This involves an office-first setup
🌈 Commitment to Diversity and Inclusion: be part of a workplace that values and promotes diversity, fostering an inclusive
environment where everyone's perspectives are respected and embraced
🚀 Enrolment onto our Virtual Stock Option programme: you will own a stake in SumUp’s future success
📚 A dedicated annual L&D budget of €2000 for attending conferences and/or advancing your career through further education
💶 A corporate pension scheme where we match up to 20% of your contributions
🏖️ Generous time off: enjoy 28 days of paid leave plus public holidays and special leave days
🚵🏾♂️ Numerous other benefits such as Urban Sports Club subsidy, Kita placement assistance, subsidised office lunches
🌴 Break4me: 1-month sabbatical after 3 years of service
🔗 Referral Bonus: earn additional rewards by referring talented individuals to join the SumUp team
About SumUp
We believe in the everyday hero.
Small business owners are at the heart of all we do, so we create powerful, easy-to-use financial solutions to help them run their
businesses. With a founder’s mentality and a 'team-first’ attitude, our diverse teams across Europe, South America, Australia and
the United States work together to ensure that the small business owners we partner with can be successful doing what they love.
SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring
or employment decisions on the basis of race, colour, religion or religious belief, ethnic or national origin, nationality, sex,
gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by
company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.
SumUp will not accept unsolicited resumes from any source other than directly from a candidate.
Job Application Tip
We recognise that candidates feel they need to meet 100% of the job criteria in order to apply for a job. Please note that this is
only a guide. If you don’t tick every box, it’s ok too because it means you have room to learn and develop your career at SumUp.
Lead and develop IT security at Bonava in Stockholm. Work with Azure, Microsoft 365 and cybersecurity in a cloud-first environment At Bonava, we are not only building houses, we are also creating homes and neighborhoods where people live their lives. To keep our digital world safe, we´re now looking for an IT Security Specialist to lead and develop our cybersecurity landscape.This is a broad role where you will combine strategic vision with hands-on expertise. You will work closely with colleagues across infrastructure, governance and operations to strengthen our security posture, drive continuous improvement and ensure our cloud-first environment remains secure, compliant and resilient.If you are motivated by taking ownership, influencing security strategies and working with modern Microsoft technologies in a business-critical environment, this is an opportunity to make a real impact across the organization. The Opportunity At Bonava, you will have the opportunity to shape how we protect our systems, services and data moving forward. You will join an organization where security is an important enabler for the business and where your expertise will influence both strategy and operations. You will have the opportunity to: Take overall responsibility for IT security across Bonava Work in a cloud-first environment built primarily on Microsoft Azure Influence and develop security frameworks, processes and ways of working Combine strategic security initiatives with hands-on technical work Collaborate with stakeholders across IT and the wider business Enjoy a flexible hybrid working model from our central Stockholm office Your Challenge As IT Security Specialist, you will take overall responsibility for IT security at Bonava. This is a broad role where you will work closely with both technical teams and business stakeholders to continuously strengthen the organization’s security posture. You will: Strengthen and maintain security across Bonava’s systems and data Monitor the threat landscape and initiate preventive measures Manage and develop security infrastructure Educate users and promote a strong security culture across the organization Drive improvement initiatives related to security and compliance Provide informed guidance to management on security risks, incidents and strategic priorities to enhance the organization’s security posture The Team and Workplace You will be part of the IT Infrastructure and Compliance team, working alongside colleagues within infrastructure, governance and operations. Bonava operates with a cloud-first IT strategy, primarily leveraging Microsoft Azure. While the focus is on modern cloud-based solutions, the environment remains hybrid, with certain systems and services still managed on- premises. The position is based in central Stockholm and offers a hybrid work model with flexibility to work from home. About You We believe you will thrive in this role if you have a few years of experience within IT Security or Infrastructure and enjoy working in an environment where strategic thinking and hands-on problem-solving go hand in hand. You also have: Strong knowledge of Microsoft 365 Security tools, like Defender, Intune and Sentinel Hands-on experience with Microsoft Defender, Intune and automation Understanding of Azure environments and hybrid setups Understanding of network security principles Experience working with enterprise network environments Skills in scripting, preferably PowerShell or Python A proactive, structured and responsible approach Excellent communication skills in English As a person, you are collaborative and take initiative to move your work forward. You are a clear and confident communicator who builds trust with stakeholders across the organization. You exercise good judgement, stay up to date with developments in the cybersecurity landscape and enjoy finding practical solutions to complex challenges. It is considered a plus if you have experience working with governance, risk and compliance frameworks, as well as log management and analysis. Swedish language skills are also considered an advantage. Let´s Connect! We have chosen to work with Ada Digital in this hiring process. Their recruitment process focuses on transparency, inclusion and a fast moving candidate experience. And now we want to know more about you – on your own terms! To apply, please fill out the short form, briefly motivate why you are interested in the position, and attach your CV or LinkedIn-profile. No additional documentation is needed. You can then, in real-time, follow your application online as our recruiters are working with it. We work with a continues selection process which means we might hire a candidate before the final apply date, so apply already today! Interested and want to know more? Please contact our recruiter today. We are looking forward to connecting soon!
Want to shape the entire information security landscape behind one of the Nordics’ most well-known e-commerce marketplaces? At CDON Group, security is a strategic foundation for our growth, data-driven operations, and future innovation. We’re now strengthening our security capabilities and are looking for an Information Security Specialist who wants to take ownership, drive development, and ensure that security is embedded across our products, platforms, and teams. About us Join us at CDON Group, a Swedish listed company with a long history and extensive experience in the e-commerce market. Our mission is to unleash the power of the marketplace to give the best shopping experience in the Nordics. We are dedicated to providing great online shopping experiences and are on the lookout for an Information Security Specialist to join us on this journey for our two Nordic marketplaces: CDON and Fyndiq. About the role This role combines hands-on security work with broader ownership of how we structure, govern, and communicate information security across the company. You will sit within IT but collaborate closely with Legal, Finance etc, as many topics touch on compliance, GDPR, NIS2, the AI Act, and regulatory inquiries. At the same time, we are navigating a unique balance. We are pragmatic, entrepreneurial, and fast-moving, yet also a publicly listed company with expectations on governance, compliance, and structure. This creates an environment where you will help build processes that do not fully exist today, while still working close to the business and making real impact quickly. Some areas of focus include: Helping build security processes and routines, both maintenance and from the ground up Supporting the entire organization with practical, understandable security guidance Working with both technical and non-technical stakeholders Helping raise security maturity while keeping the business moving forward Responsibilities include You will have both structured responsibilities and day-to-day practical tasks. Key areas include: Developing and maintaining information security policies, governance, and documentation Driving risk management activities across systems, suppliers, processes, and new initiatives Ensuring alignment with frameworks such as ISO 27001, NIS2, and GDPR Collaborating closely with Legal on data protection, AI governance, and regulatory communication Supporting IT, infrastructure, and engineering teams with operational security tasks You will also work hands-on with: • Google SecOps and our existing tooling • Vulnerability management • Access and identity management • Coordinating external penetration tests and understanding results • Leading internal training, awareness efforts, and phishing exercises Part of the role also involves presenting findings and explaining why security requirements exist — not just what they are — in ways that engage and motivate colleagues across the business. Qualifications and requirements We are looking for someone who can understand, interpret, and communicate both technical and regulatory requirements. Relevant experience and traits include: A couple of years in information security, IT security, or data protection Relevant degree for the role Understanding of GDPR, NIS2, and IT risk work Strong communication and presentation skills The ability to learn and work with security tools such as Google SecOps Full professional proficiency in Swedish and English Pragmatic mindset and the ability to balance speed with governance Ability to work regularly from Stockholm to collaborate effectively with Legal and support incident handling Some tasks require hands-on IT security understanding, but you do not need to be a programmer. Support is available from backend teams for highly technical areas. What we offer An opportunity to be part of a unique growth journey, actively contributing to the success of the leading e-commerce marketplaces in the Nordics. A collaborative and dynamic work environment, with passionate colleagues who believe in CDON Group’s mission Competitive compensation package, including benefits such as pension and insurance through Max Matthiessen and MyBenefit portal. Career growth opportunities within a rapidly evolving company. Application Process: Please attach your resume and a brief cover letter outlining your interest and suitability for the job. We will be conducting interviews with candidates on an ongoing basis. To ensure a professional and unbiased assessment, we will ask candidates to perform a combination of logical reasoning and personality tests as part of the process.
Are you an Information Security specialist? Are you ready to take on an overall responsibility and drive the IS area in a global business? Join us as our new CISO! As our world changes, Information & Cyber Security are becoming increasingly important for a company such as Westermo. We have long been known for robust hardware, and increasingly so also for Cyber Security features in our software. Information Security at Westermo is not, and should not be an isolated IT function. It is fundamental to trusted products, resilient operations, and long‑term customer confidence. We are now looking for a Global Chief Information Security Officer (CISO) to define, lead, and govern our global cyber security agenda across the entire global organization. This is a diverse role, with operational and strategic aspects. Governance, risk management, and operational resilience are key focus areas. In this global role, you will work across all levels; from the executive management team, our leaders, and key functions across Westermo’s global operations. You will collaborate with IT, R&D, Manufacturing, Operations & Quality to ensure information security is embedded into decision‑making, processes, and culture across the company. Are you our next Global Chief Information Security Officer (CISO)? As Global CISO, you oversee all Information Security related issues. You are the domain expert, the advisor and coordinator. You make sure that Westermo follows IS laws, directives, standards and also set up our own strategy, policies and guidelines. You lead the work and influence people in all departments, making sure we have the right routines, trainings, risk assessments and pass our audits. You will not be starting from a clean slate, but there will be large opportunities to challenge current state and shape the future. Key Responsibilities Advise on identification, assessment, and prioritization of cyber risks across Westermo Provide direction and governance for the Information Security Management System (ISMS) in accordance with ISO 27001, including audits and scope expansion across Westermo companies Support compliance with applicable cyber security regulations and standards (e.g. ISO 27001, IEC 62443, NIS2, customer security requirements) Provide oversight and advisory input on third‑party and supply‑chain cyber security risks Create awareness, teach and train others in the organization. Report regularly to executive management on cyber security posture, risks, incidents, and initiatives Who Are We Looking For? We are looking for someone who has experience in Information Security. You might be an expert in one area of Information Security, but you are looking for a wider role. Or you are already working with broad topics, but are looking for more responsibility, and the opportunity to make your own mark on a role and organization. You like it in a medium sized company; where there’s room for influence, and not hierarchical and bureaucratic. You appreciate having different kinds of competence around you, and are comfortable being the expert in your own area. You can speak to all of your stakeholders, and meet them where they are; from executive management to customers and employees. You are also comfortable in a global company; English is not a problem for you, and you understand there will be differences between countries, even if you don’t know exactly what they are. In short; you are an Information Security Specialist who wants to get in the driver’s seat, with your supporters in the seats next to you. Requirements You are familiar with ISO 27001 and NIS2. Strong knowledge of both IT security and OT/ICS security in industrial environments Great communication skills, being able to teach and train others, but also learn from other specialists in the organization. Proven experience with Information Security governance, risk management, and incident response Meritorious Background from industrial, manufacturing, R&D, or mission‑critical system environments Relevant certifications (e.g. CISSP, CISM, or equivalent) Interest or experience in digital transformation and data governance In Return, We Offer: You will be working at the forefront of technology in a friendly, open culture where you get the opportunity to learn from skilled colleagues every day. A mature and caring leadership in a flat organization. Through our collective agreement you will be covered in terms of insurance, pension and other benefits. We like to have fun together and we regularly enjoy sports and other social activities as a team. We believe that magic happens when people meet. We are a learning organization and we truly love to try new things, think outside the box and be innovative together! Basic Information Location: Västerås, Sweden (preferred) or other Westermo locations Job type: Full‑time Employment contract: Permanent Application: We review applications continuously — apply as soon as possible Contact: Hiring Manager: Johan Inestam, CFO, at johan.inestam@westermo.com Recruiter: Elin Sandell, at elin.sandell@westermo.com About Westermo Westermo is a leading provider of Industrial Data Communications equipment to the global market. Sales are conducted through our own offices in key markets in Europe, North America, Australia and Asia, as well as through distributors and OEM customers worldwide. Development and manufacturing take place in Sweden, Ireland, Germany and Switzerland. Westermo was founded in 1975 and today has over 480 employees with a turnover of around 1 Billion SEK. The company is a wholly owned subsidiary of Ependion, listed on the Nasdaq OMX Nordic stock exchange.