Information Security Specialist to PostNord

Job description
Do you want to be part of a dynamic and challenging environment at the number one logistics services provider in Scandinavia? If you have a passion for information security and are interested in solving complex problems, join us in protecting our critical infrastructure that serves millions across the Nordics.

Responsibilities
The CISO Office at PostNord Group houses information security officers and specialists who are responsible for protecting the business, enabling digital transformation and earning trust. We work very closely with the operational cyber security teams, developers, privacy officers and production engineers to name a few; on a journey to further expand our information security capabilities. Our information security program is driven by a risk-based approach, rather than a compliance-based approach followed by highly regulated industries. This allows us to focus our efforts on protecting the business with an agile team and forward-thinking solutions which are fun to work with.

As an an Information Security Specialist at PostNord will support all parts of our Nordic Group as a Subject Matter Expert in specific security areas working together with the PostNord CISO and Cybersecurity team."


In summary, you will thus be able to work in a broad role and touch on areas such as;


Design and automate security assessments in any type of environment 
Perform penetration testing and ethical hacking, analyzing security risks and recommending mitigating and compensating security controls
Ensure applications, software systems and mobile applications are designed, developed, implemented and monitored according to the appropriate security standards and practices
Support Product Owners and assist in prioritizing security controls based on regulatory and business requirements, the information processed and its exposure
Advise solution architects on appropriate security architecture and suggest possible third-party solutions/integrations
Analyze cloud and application environments and web services from a security perspective
Recommend key tools and processes supporting medium to high complexity solutions impacting security
Educate development teams in the implementation of security user stories
Provide awareness of vulnerabilities present in application components and frameworks
Suggest secure coding and encryption protocols and configurations
Perform security reviews and risk and privacy assessments 


We offer you:

- Personal development opportunity with an attractive career projection.
- Autonomy to make decisions and prioritize.  
- Work in a Nordic and dynamic environment.
- Wellness allowance & access to the office´s gym and indoor swimming pool.
- Employee benefits through PostNord´s own personnel foundation PostNord Plus.
- Occupational pension terms

Qualifications
It is an advantage if you have previous hands-on experience in implementing and maintaining an Information Security Management System (ISMS); experience in building and assessing secure architecture and working within the software development lifecycle; and/or experience in designing and implementing technical security controls and solutions. We believe you are a person that is thorough, analytical, curious and willing to spend time learning and continuously improving. Your way of working is inclusive, structured and responsible. You need to be able to handle stressful situations and prioritize job tasks independently. You have very good presentation and communication skills and are easy to collaborate with, and are unpretentious in your way of creating and nurturing long-term relationships.

We think that you are a super-motivated engineer with a passion for DevOps and Information Security and are a dynamic, forward-thinking individual who practices what you preach. We also think it's important that you have an excellent presentation and writing skills and a big interest in the cloud and how it can enhance PostNord.

Requirement:
Academic degree in information security area or equivalent knowledge and skills acquired through work experience
Familiarity with and solid skills in PostNord’s information security effort is an advantage 
Excellent and well-documented information security skills with a focus on IT security 
Several years of experience of advanced specialist support in the area of information security at a tactical or strategic level 
Thorough familiarity with standards for information security (Good Practice, ISO/IEC 27001, ITIL and COBIT)
Communication in English both speech and written


Meritorious:

- CISSP or equivalent security accreditation 
- Experience with penetration testing/ethical hacking/red teaming 

Application
Welcome with your application!

Selection is ongoing and we want your application as soon as possible. In this recruitment, we collaborate with Randstad Technologies, for questions about the role contact responsible recruitment consultant Julia Rhönnstad, 0729872754, julia.rhonnstad@randstad.se

For union contact persons, see PostNord.com/Unional contact. 

About the company
PostNord is the leading supplier of communication and logistics solutions to, from, and within the Nordic region. We ensure the provision of a postal service to households and businesses in Sweden and Denmark. We aim to make everyday life easier and more sustainable for everyone who lives and works in the Nordic region. We are accountable, brave and committed, effectively leading change regardless if we lead our self or others. We emphasize teamwork, sincerity and positive relationships in the workplace. We build on our success and learn from both colleagues and mistakes. People with different backgrounds work with us. You will therefore be part of a workplace with great diversity, which contributes to better results for the business.