Information Security Lead to Careium!
2024-07-09
Imagine a career where every day brings the joy of giving back and the promise of a bright future. At Careium, that's our reality. Here, your work directly supports the incredible seniors who built the foundation of our society. It's a chance to show your gratitude, share your skills, and light up their lives - a deeply rewarding experience that leaves a lasting impact.
Careium AB (publ) is a leading Swedish company specializing in technology-enabled care, with business units across Europe. We are dedicated to innovation, excellence, and ensuring a high standard of security for our clients and employees. As an ISO 27001 and ENS certified organization, we are committed to maintaining and enhancing our robust information security management system. As we continue to grow, we are seeking a dynamic and experienced Head of Information Security to join our team and lead our information security strategy across all our European operations.
Job Description:
The Information Security Lead is a new role at Careium, and will be responsible for developing, implementing, and maintaining a robust information security program that protects the confidentiality, integrity, and availability of our company's information assets. This role emphasizes practical implementation and achieving tangible security outcomes over creating extensive documentation. The Head of Information Security will report directly to the CIO as part of the CIO office and keep group management updated on important developments.
Information security (IS) is vital to our success and is a key driver for developing the company and enhancing our customers' trust and safety. To be successful in this role, you will work closely with all parts of our business units, strengthening the overall level of security. The role carries a strong mandate to achieve this, as well as strong influence in optimising the information security organisation. The role has no direct reports, however; instead, you will work through a matrix organisation to build a strong information security base within Careium.
Key Responsibilities:
• Develop and execute a comprehensive information security strategy aligned with business objectives.
• Focus on practical implementation of security measures and achieving tangible results.
• Leverage information security as a means to drive company development and enhance customer trust.
• Lead implementation and management of information security policies, procedures, and controls.
• Ensure compliance with NIS2, the Cyber Resilience Act, and other relevant European regulations and standards, maintaining our ISO 27001 certification.
• Conduct risk assessments and vulnerability assessments to identify and mitigate security risks.
• Manage incident response planning and execution, including investigation of security breaches and implementation of corrective actions.
• Oversee security awareness training programs to educate employees on best practices and emerging threats.
• Collaborate with IT, compliance, legal, management and business units to ensure cohesive security measures across all operations.
• Stay current with the latest security trends, technologies, and threats, and advise senior management on potential impacts.
• Develop and maintain relationships with external partners, including security vendors, regulatory bodies, and industry groups.
• Report to the CIO and regularly update group management on significant security developments and risks.
Qualifications:
• Minimum of a bachelor's degree in Information Security, Computer Science, or a related field.
• Minimum of 5 years of experience in information security, with at least 3 years of working with managers and executives.
• Strong knowledge of information security frameworks, standards, and best practices (e.g., ISO 27001, NIS2, NIST).
• Proven experience in developing and implementing security policies, procedures, and controls.
• Excellent understanding of risk management, threat analysis, and vulnerability assessment.
• Strong communication skills with the ability to articulate complex security issues to non-technical stakeholders.
• Relevant certifications such as CISSP, CISM, or CISA are desirable, but not necessary.
• A background in care & technology-enabled care services is desirable, but not necessary.
• Fluency in Swedish and in English is required; proficiency in other European languages is a plus.
What We Offer:
At Careium you will have the chance to make a significant impact on the security posture of a leading European company in technology-enabled care. At our workplace we understand the need for a proper level of security & safety. If that is not enough, you will join a dynamic, fun, and supportive work environment with value-driven and engaged colleagues.
Our headquarters are in Malmö, but we offer a hybrid work solution that enables partial work from home. The role will also require occasional travel to our offices across Europe.
