Information Security Governance, Risk and Compliance Lead

Alfa Laval is looking for an Information Security Governance, Risk and Compliance Lead

At Alfa Laval, we always go that extra mile to overcome the toughest challenges. Our driving force is to accelerate success for our customers, people and planet. You can only achieve that by having dedicated people with a curious mind. Curiosity is the spark behind great ideas. And great ideas drive progress.

As a member of our team, you thrive in a truly diverse and inclusive workplace based on care and empowerment. You are here to make a difference. Constantly building bridges to the future with sustainable solutions that have an impact on our planet’s most urgent problems. Making the world a better place. Every day.

Background

The Alfa Laval Information Security team is currently seeking a talented, innovative and passionate GRC Lead to support our growing operations on a group-wide basis. Reporting to the CISO, the GRC Lead will be a key member of the Information Security team with a critical responsibility for ensuring that Alfa Laval has appropriate policies, standards and processes in place.

About the job
The GRC Lead will ensure that the business understands; and can manage, its Information Security risks and that wider Information Security delivery is supported by an appropriate assurance regime, where the latter includes effective reporting on compliance to leadership and functional heads.

The GRC Lead drives Information Security management issues together with business leadership, to ensure that understandings, performance and capabilities are in place to enable and secure the business in current and coming challenges. This is supported by an adapted assurance regime, including effective reporting on compliance to leadership and functional heads, among other things.

Key tasks:
* Oversee the development, issue and updating of policy and standards for Information Security.
* Assist the business with development of subsequent and supporting local policy, standards and procedures.
* Lead and manage the Group’s Risk and Assurance service, ensuring that agreed security requirements are implemented and effectively executed across the organisation.
* Own and maintain the Group’s Information Security Risk Management Framework, including risk register.
* Develop and introduce Key Performance and Risk Indicators (KPIs/KRIs)
* Design and implement supporting assurance programmes for key Information Security activities.

What you know
It essential that the GRC Lead have proven experience at delivering Information Security governance, risk and compliance programmes in large corporates and across international boundaries working in senior roles and - ideally - with director-level/C-suite colleagues.

You have demonstrable experience in managing successful teams in matrix-managed organisations. Good communications skill and fluent English is key. A strong background across Information Security as a discipline, as well as programme management skills and experience of delivering. You are familiarised with current risk management methodologies and tools.

Is a plus if: You have security certification like CISSP, CISM, ISO 27000 Lead implementer or similar, and knowledge with OT and IoT and their business processes.

For more information, please contact

Anders Boberg, Chief Information Security Officer at anders.boberg@alfalaval.com

Manal Mohamed, Talent Acquisition Partner at manal.mohamed@alfalaval.com

For union information, please contact:
Johan Ranhög, Akademikerna, +46 46 2891664
Stefan Sandell, Ledarna, +46 46 367364
Bror Garcia Lantz, Unionen, +46 709 366985

Please send your application as soon as possible. We do not accept applications sent directly via email. We are looking forward to your application!