Arbetsbeskrivning

We are seeking a highly experienced Information Security Expert to join the Digital Foundation department within IT at our client in the automotive industry.

This is an exciting opportunity to be a key player in our client's global journey of establishing robust digital capabilities across Europe and beyond. As part of a global team, you will contribute to the overall IT vision of being an innovator, transformative leader, and enabler for achieving critical business objectives.

As the Information Security Expert, you will be pivotal in defining, designing, and managing the security landscape and services that underpin the organization's technology needs. This role demands both strategic thinking and hands-on operational involvement to ensure technology securely supports and enhances business operations. You will ensure that IT services and digital solutions are aligned with stringent security goals and contribute directly to meeting the organization's business targets. Our client values experience from other high-tech, innovative organizations and a broad understanding of diverse IT service areas.

Your core areas of responsibility will encompass:

• Information Security Governance: Implementing and maintaining frameworks such as ISO27001 & NIST.
• NIS2 Compliance: Ensuring adherence to the Network and Information Systems Directive.
• Business Continuity: Developing and managing plans to ensure operational resilience.
• Risk Management: Identifying, assessing, and mitigating information security risks.
• SOX Compliance: Supporting adherence to Sarbanes-Oxley requirements.
• Security Operations Center (SOC) Oversight: Ensuring effective incident response capabilities.
• Privacy and Security Assessments: Conducting evaluations to identify and address vulnerabilities.

Key Responsibilities and Deliveries:

• Develop and implement comprehensive information security strategies that are tightly aligned with the organization's overarching business goals.
• Create and maintain governing security documents within our Information Security Management System (ISMS) based on ISO27001 and NIST frameworks.
• Take ownership of various operational tasks within the security management processes and procedures.
• Understand evolving business directions, objectives, and market conditions to proactively assess information security risks and identify potential opportunities.
• Drive security initiatives from inception to completion, ensuring successful implementation and adoption.
• Lead the identification, thorough assessment, and effective mitigation of security risks across all organizational levels.
• Oversee the operations of the Security Operations Center (SOC) service, ensuring its effectiveness in incident detection and response.
• Collaborate effectively with other security and privacy functions while also independently managing diverse information security development tasks.
• Champion and ensure a strong overall security posture for the organization, encompassing both operational and development environments.
• Develop and deliver engaging security awareness programs and training sessions across the organization.

Qualifications and Skills Required:

• Extensive and demonstrable experience in the field of information security, with a minimum of 7-10+ years of progressive responsibility.
• In-depth and practical knowledge of key frameworks and regulations, including ISO27001/2, NIST, NIS2, and SOX.
• Comprehensive understanding of cybersecurity principles, cutting-edge technologies, and industry best practices.
• Proven expertise in risk assessment and management methodologies.
• Documented experience in managing and contributing to audit-related activities.
• Demonstrable experience in developing and implementing business continuity and Disaster Recovery Planning (DRP).
• Possession of relevant certifications (e.g., CISSP, CISM, CEH, CISA) or equivalent documented work experience.

Personal Attributes:

• You are a proactive and results-oriented individual who thrives in dynamic environments where you can shape and implement solutions from the ground up.
• You possess a pragmatic approach, are highly self-driven and curious, and demonstrate flexibility with a strong "can-do" attitude.
• You have excellent communication and interpersonal skills, enabling you to effectively interact with diverse stakeholders.
• You are comfortable driving independent work streams within the context of larger team projects.
• You are adept at navigating ambiguous and evolving situations with confidence.
• You are a proactive self-starter with the ability to effectively manage multiple tasks and priorities.
• You possess a strong team-oriented mindset with a flexible and collaborative approach.

The team is based in Gothenburg Lindholmen but collaborates closely with teams and stakeholders globally.