Data Protection & Information Security Lead
DraiviData protection and IT security have always been central to how we operate. As we scale internationally across eight markets and process millions of data points daily, we're now ready to bring this function in-house with a dedicated specialist who can take it to the next level.
Draivi is a fast-growing international performance marketing company, recognized twice on the Financial Times FT1000 list of Europe's fastest-growing companies. With €30M revenue in 2025 and operations across the Nordics, Germany, Spain, Mexico and South Africa, we help lenders and financial service providers acquire customers through data-driven marketing and comparison platforms.
We're looking for a Data Protection & Information Security Lead to own our entire data protection, information security and IT operations function. This is a foundational role where you'll build policies, processes and a security-first culture across a company that processes 1.3 TB of data and handles 3.3 million API requests daily.
You'll work closely with the CTO and management team, with significant autonomy to shape how we approach data protection, security and IT operations as the company continues to scale.
What You'll Own
You will own data protection compliance (GDPR and beyond), IT security and internal IT operations across all markets. This includes driving our ISO 27001 certification, and managing user and device administration for a growing international team.
Key Responsibilities
IT Security
Define, implement and supervise the company's information security strategy and policies
Lead the ISO 27001 certification process (initiated December 2025)
Conduct risk assessments and manage the security risk register
Oversee access controls, encryption standards and security monitoring
Manage security incidents and lead response efforts
Work with engineering to ensure security is embedded in product development
IT Operations
Manage user accounts, access rights and identity management across company systems
Oversee device management, provisioning and security for a distributed international team
Maintain and improve IT onboarding and offboarding processes
Governance & Culture
Build a security-aware culture across the organization with proper documentation and guidelines
Educate and train the team on data protection, security policies and any changes or adjustments to practices
Report to leadership on data protection and security posture
Manage relationships with external auditors and regulators
Data Protection
Ensure GDPR compliance across all markets and adapt to local data protection requirements
Manage data subject requests, breach procedures and regulatory communications
Conduct and maintain records of processing activities and data protection impact assessments
Train and advise colleagues on data protection best practices
What We're Looking For
Required
5+ years of experience in data protection, information security, IT operations or a combination
Deep knowledge of GDPR and practical experience implementing compliance programs
Experience with ISO 27001 or similar security frameworks
Understanding of cloud security (we run on AWS, Google Cloud & Google Workspace)
Experience with user and device management in a modern SaaS environment
Ability to translate technical concepts for non-technical stakeholders
Fluent English
Preferred
Formal DPO certification or CIPP/E
Security certifications (CISSP, CISM or similar)
Experience in fintech, adtech or data-intensive digital businesses
Familiarity with multi-jurisdictional data protection requirements
Experience building security and IT functions in scaling companies
Manage relationships with IT vendors and service providers in the future
Bonus: Serve as the formal Data Protection Officer for Draivi
What We Offer
Foundational Impact: Build the function from scratch with direct influence on company practices
Autonomy and Trust: We value initiative and give you the autonomy and trust to shape how we approach data protection, security and IT
Career Growth: Room to grow your responsibilities and team as the company scales
Competitive Compensation: Base salary somewhere between 4000-5000€ per month based on experience plus individual performance bonus plan
Comprehensive Benefits: We offer Edenred benefits (lunches, culture & sports, wellbeing and commuting), up-to-date work equipment, extensive occupational health care and insurance also covering free time, snacks at the office and continuous learning opportunities.
Personnel Fund: As part of our commitment to your long-term financial well-being, we offer access to our personnel fund. This allows you to invest your performance bonuses into a managed fund, enhanced by a 20% company contribution, with the potential for significant returns based on your chosen investment strategy. This is more than just a bonus—it's an investment in your future.
Flexible Work Arrangements: We understand the importance of work-life balance. Our flexible working hours and hybrid setup allow you to design a rhythm that supports both productivity and personal well-being.
Vibrant Company Culture: We foster a culture of trust, experimentation and continuous learning. Our supportive work community is one of our biggest strengths.
Exciting Perks: Experience our annual conference trips to incredible destinations like Spain, Croatia, and Germany. We believe in learning, networking, and having fun in the sun.
At Draivi we believe diversity drives innovation. We are committed to fair and unbiased recruitment, ensuring every candidate regardless of background, gender, ethnicity, age, ability or identity is given equal consideration. We value different perspectives and actively encourage individuals from all walks of life to apply.
We live and breathe ambition. We're leaders in performance-based advertising, shaking up the financial sector and beyond. If you're ready to join an international team that's curious, experimental and never stops the madness – we want to hear from you.
Apply before March 1st. Applications reviewed on a rolling basis.
Start date: Q2/2026
Location: Helsinki or Turku, Finland (hybrid options available)