Information Security Risk Analyst

Information Security Risk Analyst


Information Security Risk Analyst

Mission and context
In this role you will work across all businesses of Volvo Group to support the resilience and information assurance activitites. You will design an effective and comprehensive control framework, associated control processes, and information risk framework, so that Volvo Group operates securely across all ecosystems (IT, OT, and Product).

The successful candidate reports directly to the Information Security Risk & Assurance Lead.

Main Responsibilities
Develop & maintain the group-wide information security risk management framework (incl. IT, OT, and product)
Support leadership to determine appropriate risk appetite & tolerances
Develop & maintain Group-wide information security related KRIs
Consolidate and aggregate IS risks reported from across 1st line teams & ecosystems (IT, OT, and Product) and report them to senior management to shape discussions
Compile external risk reports to relevant stakeholders
Oversee and assurate that the Information security risk register are kept up-to-date
Challenge 1st line teams on risk mitigations to ensure the most effective approaches are being taken
Support development and prioritization of future activities as part of the informtion security strategy
Identify Group-wide horizontal IS risk scenarios impacting multiple TD/BA/GFs
Coordinate with 1st line teams to develop appropriate mitigations for Group-wide information security risks
Provide training & awareness across Volvo Group on information security risk management and usage of the framework

Requirements and Qualifications
Master's degree in Information technology, computer science, cybersecurity, or related field
3+ years of professional information risk management, information security, or cybersecurity
Good understanding of Information security related standards and best practices (these include ISO 27001, NIST, etc.)
Ability to articulate risks and communicate effectively to various levels of management
Ability to work effectively with a wide range of teams including developers, senior management, customers, auditors, etc.

Industry certification/qualification
ISO 31000 Certified Risk Manager
ISO 27001 Lead Implementer

The position is open now and will be contracted as soon as possible. We will start screening as applications arrive, so don’t hesitate to send yours.

For more info please contact Thomas de Neergaard, SVP Group Security, CSO & CISO,

Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.


  • Arbetsplats: Volvo Group
  • 2 platser
  • Tills vidare
  • Heltid
  • Fast månads- vecko- eller timlön
  • Publicerat: 25 juli 2022
  • Ansök senast: 15 augusti 2022




Göteborg, 40508

Liknande jobb

SOC/CDC Analytiker

SOC/CDC Analytiker

5 oktober 2022

Exjobb: System Safety

Exjobb: System Safety

4 oktober 2022