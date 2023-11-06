Infrastructure Security Specialist
As part of Mölnlycke's next level of growth, we are accelerating our value creation, leveraging digitalization with new technologies, data, and a newly created internal IT organization. Looking to deliver increased customer focus, enhanced business collaboration and the adoption of a new DevOps operating model with end-to-end ownership of technology solutions across the organisation. This is a chance to have a real tangible impact within a global business and see how your work directly contributes to the shape of our technological future. You will be empowered to make a true difference, not only for Mölnlycke, but also for patients and health care professionals across the globe.
As part of our technological evolution and a newly shaped team, we are now looking for a skilled Infrastructure Security Specialist with a risk based and can do mentality who wants to take on a more holistic IT security role mainly focusing on technology and processes.
The role
In this role you will establish the Global IT Infrastructure Security improvement Roadmap and drive improvements.
You will play a key role in developing the IT Security inside the Global IT organization. You will work in close collaboration with other departments / stakeholders, for example, QA, Legal, HR, 3rd party suppliers, System, Process and Service Owners at DT8, and Factory Sites regarding Infrastructure Security related matters.
You will further optimize our SOC services, establish, implement, and improve IT Security Incident Management Process and Practices, and lead the execution of Vulnerability Assessments / PEN tests. You will define the relevant infrastructure security requirements, setting and implementing relevant policies, and offering training to ensure the security of the complete IT infrastructure environment.
The role is permanent position, is a member of an integrated Risk, Security, and Compliance Global Team positioned at HQ in Gothenburg, reporting to IT Director Risk, Security, and Compliance, with a dotted line reporting to Solution Delivery Lead Infrastructure & Workplace.
Given Mölnlyckes industry there are very strict laws and regulations to follow and we expect the role to have insight and understanding of these as well as the alignment to the relevant Mölnlycke policies.
Key accountabilities for the role
The purpose of the position is to be the Subject Mater Expert (SME) for Global IT Security Infrastructure.
Lead the execution of continual Vulnerability Assessments / PEN tests, report on results, and define and drive improvements accordingly
Lead the establishment and improvement of the SOC services and actively work to optimize it and extend it to also cover OT
Analyse security monitoring logs and reports received from 3rd party suppliers and act accordingly
Create monthly security dashboard regarding security incidents, phishing attempts, and presenting to CISO / other relevant stakeholders, e.g., The Cyber Governance Forum and Head of DT8
Establish, maintain, and update an Infrastructure Security Risk List and drive mitigation efforts
Process owner for IT security incident response including relevant procedures
Actively lead Infrastructure Security related policy setting and updates
Actively support development, establishment, and maintenance of Mölnlycke's ISMS
Ensure that Mölnlycke's Infrastructure is compliant with security legislations (e.g., NIS2, ISO 27001 (Global IT's ISMS), and GDPR)
As SME give input to IT Security related audits / take actions to address Infrastructure Security related NCs towards closure
As SME give input to IT Security trainings
Ensure that Infrastructure Security requirements are addressed in OT, IoT, and SaMD (Software as Medical Device)
If all that sounds appealing, then here is what we would like you to demonstrate
A B.Sc. in IT or equivalent in experience and/or certification is required.
We are looking for someone who has hands on experience of IT Infrastructure Security Services and/or worked in a SOC previously.
You have at least 3 years of progressive experience in the field of IT security. As a person you have a strong drive, can-do mentality, improvement focus and are willing to learn. You are used to working in an international environment and you have strong interpersonal communication and relation skills.
Additional experience with Microsoft 365 security components, such as MCAS, AIP, Azure SSO, ATP and/or Microsoft Defender is considered a plus.
If you enjoy thinking and collaborating with others to find solutions, gaining commitments and mandate when needed, taking ownership and lead to deliver risk based security solutions in a global environment, you are probably the right person for this position.
The position will entail working globally with different people and you should be able to communicate well in written and spoken English.
What you'll get...
• The opportunity to be a part of development and implementation of the global IT strategy including digital vision & mission and digital technology innovation roadmap.
• The opportunity to make a positive impact on the healthcare sector by contributing with digital solutions for customers and healthcare professionals.
• The opportunity to develop and maintain expertise in relevant areas including business processes, technologies, applications, and relevant data.
• An attractive package including annual bonus, pension, health insurance and wellness contribution.
• Flexible working hours and flexible work from home policy
• Great colleagues in a global company with an open, friendly, and fair working atmosphere.
About Mölnlycke
Mölnlycke is a world-leading medical solutions company. We design and supply solutions to enhance performance at every point of care - from the hospital to the home proven it every day.
Our approach to diversity and inclusion
We strive to have a diverse mix of people from different cultures, ages, geographies and genders, to reflect the world in which we operate and to facilitate innovative thinking across the business.
