Arbetsbeskrivning

Volvo Are you ready to shape tomorrow’s IT compliance and data protection capabilities together with us? At Volvo Group we put great value to effective and efficient cybersecurity. Compliance and audit are essential parts of the puzzle, rendering high management attention. In this role you will establish and lead a team of risk officers focusing on IT compliance, audit and Data protection compliance. Your team will work closely to our cybersecurity team and business stakeholders to oversee audit activities, interpret findings and recommendations. You will also lead the work to facilitate the implementation of controls and improvement activities related to the Data protection area. This is us, your new colleagues Volvo Group drives prosperity through transport solutions, offering trucks, buses, construction equipment, power solutions for marine and industrial applications, financing and services that increase our customers’ uptime and productivity. Founded in 1927, the Volvo Group is committed to shaping the future landscape of sustainable transport and infrastructure solutions. We, at Enterprise IT Security, are on a mission to secure the digital journey for the Volvo Group. We work closely together with stakeholders across several Truck Divisions (TDs), Business Areas (BAs), and Group Functions (GFs). While the BAs are responsible for driving the business, the TDs provide research, development, purchasing, manufacturing, and assembly. Within Volvo Group, the GFs own the Group agenda, provide strategic direction, and have global responsibility in group-wide functions such as IT, legal, compliance, and security. With Enterprise IT Security, you will be part of a Group Function named Group Digital & IT. A global and diverse team of highly skilled professionals who work with passion, trust each other, and embrace change to stay ahead. Enterprise IT Security works in close collaboration with both Group Security, Group Privacy Office and security functions and specialists throughout the organization. Together we strive for a best-in-class cyber security posture. Your closest team will be EITS Compliance and Audit. We are a function that orchestrates the identification, assessment, mitigation, and reporting on IT and OT security risks, oversee IT related audits and mitigating activities and act as support in Data Protection processes, as well as act as a direct line of reporting to GPO for privacy compliance matters within Digital & IT.   This is how you could make an impact Your main tasks and responsibilities include: * Lead the establishment of the Compliance, Audit function * Recruit and lead a team of cybersecurity risk officers * Contribute to the overall management of the Compliance support function as well as EITS * Manage and coordinate audit activities for EITS, including advice and assist colleagues to interpret audit findings and recommendations * Advice on activities to strengthen IT control effectiveness for Data Protection purposes * Facilitate the implementation of controls and improvement activities for Data Protection purposes, including Coordinate development of Corrective Action Plans for audit findings To be successful in this job you need to stay on top of the threat and risk landscape, the regulatory environment, our business strategies, emerging technologies and how new technologies and ways of working alter our risk and control posture. Who are you? You are a person that inspire and encourage others to great performance. A team player with the drive to contribute to successful completion of our objectives, as well as to the team spirit of EITS. You are well structured with an ambition that makes you organize and manage the work of your team to complete tasks within given timeframes. You create good atmosphere at work and enjoy celebrating success together with your team.  Leadership qualifications: * Ability to communicate vision, strategy and objectives in an inspiring way * Leadership characterized by high level of integrity and trust * Proven managerial courage * Proven capacity to execute against set targets * Strong focus on cross unit collaboration * Business orientation with professional attitude towards diverse stakeholders Mandatory qualifications: * Genuine interest and proficiency in technology and information/cyber security * Master’s/Bachelor's degree in data/system science or equivalent experience * Effectively communicator verbally and in writing in national language and English * An understanding of relevant standards and requirements related to Data Protection * Possession of, or willingness to earn, relevant certifications, such as CISA, CISSP, etc. Experience in one or more of the following areas would be advantageous: * Thorough understanding and practical Industry standards such as ISO27000, NIST, CMMC, GDPR, etc. * Third party risk management, due diligence and assessments/audits * Conducting technology and information security risk assessments