Information Security Risk & Assurance Lead
Volvo Business Services AB / Datajobb / Göteborg
Observera att sista ansökningsdag har passerat.
Visa alla datajobb i Göteborg,
Mölndal,
Partille,
Kungälv,
Lerum eller i
hela Sverige Visa alla jobb hos Volvo Business Services AB i Göteborg,
Mölndal,
Kungsbacka,
Borås,
Trollhättan eller i
hela Sverige Information Security Risk & Assurance Lead
Mission and context
In this role you will work across all businesses of Volvo Group to drive resilience and information assurance for operational, development and business teams. You are responsible to establish the control processes and information risk frameworks to ensure risk mitigation, and to define an effective and comprehensive control framework so that Volvo Group operates securely across all ecosystems (IT, OT, and Product).
You will further lead and improve the 3rd party information security risk management framework and ensure visibility and oversight of information security risks across TD/BA/GFs.
The successful candidate reports directly to the Vice President Information & Cybersecurity.
Main Responsibilities
Manage and drive the development & maintenance of the Group-wide information security risk management framework (incl. IT/OT and Product)
Work with senior leadership and enterprise risk management (ERM) to establish risk appetite & tolerances for information security
Report consolidated and aggregated information security risks from across 1st line teams & ecosystems (IT, OT & Product) to senior management
Provide risk-based guidance and direction to operational and strategic projects, change initiatives and risk remediation activities
Manage and drive the development and maintenance of third-party risk and supplier security framework to ensure Volvo Group has visibility and oversight of risks stemming from third parties
Oversee third party security improvement programs
Oversee information security management control testing and report overall status and compliance to senior management
Manage and drive the Group-wide classification and prioritization of "crown jewel" assets according to business needs and strategic goals across all ecosystems (IT, OT, and Products)
Requirements and Qualifications
Master's degree in Information technology, cybersecurity, or related field
7+ years of experience in information assurance or similar role
5+ years of experience in information security risk assessment or related consulting or audit, (preferably in an industrial goods organization)
Strong understanding of information security controls and information security risks to identify and evaluate control effectiveness, and any potential gaps
Experience in third-party audits / assurance
Ability to work autonomously as well as part of a team and form effective partnerships across TD/BA/GFs to gain buy-in and inspire change
Industry certification/qualification
CRISC, CISA, CISSP, CCSP, ISO 27001 Lead Implementer
The position is open now and will be contracted as soon as possible. We will start screening as applications arrive, so don't hesitate to send yours.
For more info please contact Thomas de Neergaard, SVP Group Security, CSO & CISO,
thomas.de.neergaard@volvo.comKindly note that due to GDPR, we will not accept applications via mail. Please use our career site.
Publiceringsdatum2022-07-25Så ansöker duSista dag att ansöka är 2022-08-15
Klicka på denna länk för att göra din ansökanFöretagVolvo Business Services AB
Omfattning Detta är ett heltidsjobb.
Arbetsgivare Volvo Business Services AB (org.nr 556029-5197)
405 08 GÖTEBORG
Arbetsplats Volvo Group
Jobbnummer 6839947
Observera att sista ansökningsdag har passerat.