NOTE! The application period for this posting has
Information Security Risk Analyst
Mission and context
In this role you will work across all businesses of Volvo Group to support the resilience and information assurance activities. You will design an effective and comprehensive control framework, associated control processes, and information risk framework, so that Volvo Group operates securely across all ecosystems (IT, OT, and Product).
The successful candidate reports directly to the Information Security Risk & Assurance Lead.
Develop & maintain the group-wide information security risk management framework (incl. IT, OT, and product)
Support leadership to determine appropriate risk appetite & tolerances
Develop & maintain Group-wide information security related KRIs
Consolidate and aggregate IS risks reported from across 1st line teams & ecosystems (IT, OT, and Product) and report them to senior management to shape discussions
Compile external risk reports to relevant stakeholders
Oversee and ensure that the information security risk register is kept up to date
Challenge 1st line teams on risk mitigations to ensure the most effective approaches are being taken
Support development and prioritization of future activities as part of the information security strategy
Identify Group-wide horizontal IS risk scenarios impacting multiple TD/BA/GFs
Coordinate with 1st line teams to develop appropriate mitigations for Group-wide information security risks
Provide training & awareness across Volvo Group on information security risk management and usage of the framework
Requirements and Qualifications
Master's degree in Information technology, computer science, cybersecurity, or related field
3+ years of professional experience in information risk management, information security, or cybersecurity
Good understanding of Information security related standards and best practices (these include ISO 27001, NIST, etc.)
Ability to articulate risks and communicate effectively to various levels of management
Ability to work effectively with a wide range of teams including developers, senior management, customers, auditors, etc.
ISO 31000 Certified Risk Manager
ISO 27001 Lead Implementer
The position is open now and will be contracted as soon as possible. We will start screening as applications arrive, so don’t hesitate to send yours.
For more info please contact Thomas de Neergaard, SVP Group Security, CSO & CISO, firstname.lastname@example.org
Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.