Principal Security Engineer to BROCC

If you are excited by the idea of transforming security and compliance into a scalable, engineered capability for a fast-growing fintech, this role is designed for you!

We are creating a regulated fintech platform where trust, speed, and resilience reinforce each other. Security is not an afterthought, and compliance is more than static documents, it is embedded into how we operate. As Principal Security Engineer, you will define how this works in practice.

Work Description

In this role, you will operate at the intersection of cloud engineering, security architecture, and regulation, acting as the company’s Security Officer. You will not only run the function but reimagine it, transforming manual, periodic controls into automated, continuously validated assurance.

You will work closely with platform teams while partnering with management on risk, resilience, and regulatory confidence. You will have real ownership, both technically and organizationally, shaping how security is designed, implemented, and maintained across the company.

What you will do:

·       Define our vision for security architecture & design: Act as the lead architect for our security roadmap, ensuring security-by-design is embedded across the platform. You will translate complex risks into engineering requirements, guiding everything from product builds to cloud infrastructure.

·       Drive modernization and automation: Drive the shift toward automated compliance and security. You will own the integration of guardrails into AWS, Terraform, and CI/CD pipelines, leveraging automation and AI to move away from manual checks toward continuous controls.

·       Take governance, risk & compliance ownership: Own the information security framework, including ICT policies, BIA, and BCP/DR plans. You ensure our operations align with global standards and regulations such as NIST, SOC 2, ISO 27001, GDPR, and DORA.

·       Operational Resilience & Incident Leadership: Lead technical incident response efforts and proactively enhance platform reliability. By maturing our observability and automation, you’ll ensure we don’t just recover from incidents, but prevent their recurrence.

·       Third-party & regulatory oversight: Oversee our IT and BPO providers. You will ensure their delivery stays compliant with the relevant outsourcing guidelines and maintains a high security bar across all external integrations.

Your profile

We are looking for someone who -

• Has several years of experience from a senior role within the area of IT security.

• Builds and redesigns systems, not just runs them.

• Has solid experience within cloud security and security architecture, is comfortable owning outcomes in regulated environments, and focused on turning frameworks into automated, continuously running controls.

• Is curious by nature, motivated by improvement, and excited to use automation and AI to reduce friction and increase confidence

• ls comfortable operating close to the technology while communicating clearly with stakeholders and translating technical risk into business impact.

About BROCC

Brocc was founded in 2016 as a Stockholm based fintech specialized in peer-to-peer lending. We have since then transitioned into an established, pan-European niche bank within consumer lending and debt management. We are active in 15+ markets across Europe, and have offices in Sweden, Finland and UK.

We aim to build a stronger European ecosystem through transparent, data-driven, and fair financial solutions. Read more: www.brocc.se

Apply today!

This is a full-time, permanent position based in Stockholm. Recruitment is handled in collaboration with Inhouse IT & Tech. Selection is ongoing, so don’t wait! Apply directly via www.inhouse.se.

For questions, contact recruitment consultant Louise Hagen Furugård at louise.furugard@inhouse.se or 073-311 87 26.