Information Security Officer

Software Engineering - Amsterdam / Permanent

We believe in a future where inner cities are free of cars, congestion and pollution. By offering our dockless electrical scooters and bikes as convenient alternatives for short-distance travel, we believe we can make that future possible. Our mission is to free our cities with clean rides for everyone in Europe and beyond. Founded in Europe, Dott is comprised of a highly experienced team of inquisitive minds in mobility and tech. What we do today has a tangible impact on tomorrow. We reached our in-house sustainability target of 100% renewable energy, and ensure equitability in our communities through collaborating with city charities, officials and safety boards. The objective of this role is to ensure the protection of our user's data and to establish procedures that enrich the security of our software and software development processes. We're looking for an individual who is effective in helping to mature data security and software security processes in a fast paced environment. You'll be one of the first roles with a dedicated focus on information security. As an operator in the European Union our organization and the data which we collect about our users is subject to GDPR regulation. In this role you will be responsible for helping to ensure proper practices that ensure our continued compliance with those regulations. While we believe the physical safety of our riders is important we also strongly believe in the safety, security and proper handling of the personal details they share to help us provide our service.  In this role you will help to compliment our software development teams to ensure that they are developing in a sustainable, safe, secure and intentional way. You'll help to improve our existing processes and introduce new processes as well. You'll be expected to interact with a wide range of roles - including Product Managers, Software Engineers, Legal Counsel, and Engineering Managers. Through these interactions you will help to ensure compliance with existing policies and help build strategies to improve our security posture.

What You'll Do

  • Review our existing infrastructure on an ongoing basis with our software engineering team to ensure we follow best practices. Ensure that our cloud-first software implementation is secure and that our implementation is improving over time
  • Help define strategies and initiatives to improve our security posture throughout all of software engineering. As an example this may include implementing new checks in our CI/CD system like static code analysis,, ensuring review of our 3rd party dependencies, or developing programming to educate our teams
  • Setup and manage external security audit 
  • Maintain and review a list of third party tools and vendor services that we use. Our work depends a lot on various tools - you'll help to make sure that the right people have the right access on a regular basis. You'll help to introduce new tools and to make sure that individuals don't have improper permissions
  • Work closely with the legal team to ensure we are compliant with regional and local regulation demands. We operate in an ever evolving space that is subject to strong regulation - it will be helpful for you to act as a liaison between Engineering and Legal teams to make sure we approach these sensitive issues correctly.
  • Contribute to tender answers
  • Work with various stakeholders across the software engineering team to ensure that the projects have a security-first mindset. Help to develop processes and programs that allow our teams to continue to move quickly while being considerate of security concerns.
  • Help us respond to various security incidents - whether this is an unintended outage or interruption of our service or a possible malicious threat. You'll be the person to give guidance on how to approach and resolve the situation.

What You'll Need

  • Strong communication skills. You're able to communicate clearly and articulately, both in spoken form and in writing. You're able to help foster productive and positive communication between potentially opposing interests.
  • We are a relatively young company that is growing quickly. You feel capable of taking ownership without instruction, cutting through ambiguity and defining a path forward. You have a bias for action and understand the value in moving forward.
  • You have a strong sense of ROI, meaning that you can define the priorities by promoting quick wins first and organize the remaining ones strategically in the roadmap.
  • Experience or understanding of cloud-first platform development. Our software engineering team deploys almost exclusively to the cloud - it'll be important that you have a strong understanding of cloud software development and possible attack vectors to mitigate
  • Strategic and executive mindset. A large part of this role will be about the "big picture" but also about follow through and execution. You'll help to enumerate the strategy but also build in ways to make sure that appropriate progress is being made
  • First hand experience with GDPR and other data regulations and protections. You understand the value and necessity to keep PII data safe, to develop reasonable and sustainable data retention policies.

What’s in it for me? Alongside a competitive compensation plan, we invite our employees to participate in our stock option plan. You’ll be part of a collaborative, energetic and international team who enjoy the perks of flexible working hours, medical insurance contribution and fun company events. At Dott, we are passionate and challenge each other to deliver on our dreams. We constantly perfect our craft. We own our mission and keep pushing for the company, cities and planet. On that note, be prepared to take on exciting challenges. We operate a consumer service that sees millions of transactions every week. Our operations services are backed by deep machine learning, and our large fleet of vehicles features its own hardware and embedded software challenges. You’ll get to see it all, so come along for the ride. Closing & equal opportunities employer statement Come as you are Dott is an equal opportunities employer. We invest in diversity, ensure equality and encourage expression. We have a zero-tolerance policy for harassment, bias or discrimination towards applicants and employees.  Want to join us for the ride? Let’s do this right – together.