GTP Business Information Security Officer – Partner Cybersecurity

Mission
On behalf of the Executive Management Team (EMT) and Purchasing Strategy & Digitalization Team, define and implement our information security roadmap, with specific initial focus on securing Supply Chain regarding Cyber Security. You will be responsible to manage our roadmap based on business priorities and to initiate and follow-up pre-studies, initiatives and specific projects, to secure our ambition to excel in this area. The BISO will also act as senior representative in relevant foras, networks and steering committees across the Group.

We can offer you:
A senior position where you will have the opportunity to drive challenging and strategic assignments and tasks in a key area of long term success
A position highly visible, including high level of co-operation with the Purchasing line organization and tightly connected to the Volvo Group Information Security network
The opportunity to work in a highly competitive environment with global purchasing responsibilities, and to develop in a dynamic and multicultural organization
To work with a solid global team consisting of team players with energy and creativity, who are willing to drive the change and strive for the best in order to deliver results.

Key areas of responsibility:
Plan, define and manage the information security strategy and roadmap for the GTP scope of applications and information
Translate the goals and policies of the centralized security functions of Volvo Group down to specific practices and procedures within the TD/BA. Additionally the BISO is responsible for providing business context back to the centralized security functions to help shape future direction.
Manage the stakeholder dialogue in order to secure that the right priorities and business needs is defined for the roadmap
Drive/Coordinate Information Security within business projects together with IS/IT
Support implementation of processes to mitigate the supply chain risks by partners inability to fulfill their delivery obligations the Volvo Group, due to cyber-related attacks
Secure emergency routines to minimize supply disruption when a supplier is exposed to cyber attack ​
Proactively identify cybersecurity related risks in the supply chain​
Establish, maintain and support a Partner Cybersecurity governance structure
Support compliance activities of automotive industry regulation and standards
Establish and support a responsible cybersecurity disclosure process
Be the GTP representative in relevant Group foras
Support the development and the implementation of security policies, standards, guidelines, and procedures
Support implementation of processes to mitigate the risk to the Volvo Group posed by the loss of confidential, sensitive and proprietary information
Build and maintain relationships with internal and external stakeholders
Ensure standard methodologies, processes, templates, and tools are shared across Volvo Group
Develop and maintain GTP steering documents, processes, tools and templates for Information security

Qualifications
Relevant work experience
Knowledge and experience of international information and cybersecurity management standards and compliance
Understanding of information and cybersecurity best practices, technologies and product development life cycle
Automotive cybersecurity knowledge of automotive industry regulation and standards, e.g. UNECE R155, ISO/SAE 21434 is a bonus
Experience from risk management methodologies and specifically 3rd part assessments
Incident management
Project & stakeholder management skills
Strong change management and communication skills
Experience from working in a global business environment
Having an energetic and positive approach to problem solving
A team-oriented mind set
Business Acumen