Information Security Risk & Assurance Lead
Volvo Group
OBS! Ansökningsperioden för denna annonsen har passerat.
Arbetsbeskrivning
Information Security Risk & Assurance Lead
Mission and context
In this role you will work across all businesses of Volvo Group to drive resilience and information assurance for operational, development and business teams. You are responsible to establish the control processes and information risk frameworks to ensure risk mitigation, and to define an effective and comprehensive control framework so that Volvo Group operates securely across all ecosystems (IT, OT, and Product).
You will further lead and improve the 3rd party information security risk management framework and ensure visibility and oversight of information security risks across TD/BA/GFs.
The successful candidate reports directly to the Vice President Information & Cybersecurity.
Main Responsibilities
Manage and drive the development & maintenance of the Group-wide information security risk management framework (incl. IT/OT and Product)
Work with senior leadership and enterprise risk management (ERM) to establish risk appetite & tolerances for information security
Report consolidated and aggregated information security risks from across 1st line teams & ecosystems (IT, OT & Product) to senior management
Provide risk-based guidance and direction to operational and strategic projects, change initiatives and risk remediation activities
Manage and drive the development and maintenance of third-party risk and supplier security framework to ensure Volvo Group has visibility and oversight of risks stemming from third parties
Oversee third party security improvement programs
Oversee information security management control testing and report overall status and compliance to senior management
Manage and drive the Group-wide classification and prioritization of "crown jewel" assets according to business needs and strategic goals across all ecosystems (IT, OT, and Products)
Requirements and Qualifications
Master's degree in Information technology, cybersecurity, or related field
7+ years of experience in information assurance or similar role
5+ years of experience in information security risk assessment or related consulting or audit, (preferably in an industrial goods organization)
Strong understanding of information security controls and information security risks to identify and evaluate control effectiveness, and any potential gaps
Experience in third-party audits / assurance
Ability to work autonomously as well as part of a team and form effective partnerships across TD/BA/GFs to gain buy-in and inspire change
Industry certification/qualification
CRISC, CISA, CISSP, CCSP, ISO 27001 Lead Implementer
The position is open now and will be contracted as soon as possible. We will start screening as applications arrive, so don’t hesitate to send yours.
For more info please contact Thomas de Neergaard, SVP Group Security, CSO & CISO, thomas.de.neergaard@volvo.com
Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.
Mission and context
In this role you will work across all businesses of Volvo Group to drive resilience and information assurance for operational, development and business teams. You are responsible to establish the control processes and information risk frameworks to ensure risk mitigation, and to define an effective and comprehensive control framework so that Volvo Group operates securely across all ecosystems (IT, OT, and Product).
You will further lead and improve the 3rd party information security risk management framework and ensure visibility and oversight of information security risks across TD/BA/GFs.
The successful candidate reports directly to the Vice President Information & Cybersecurity.
Main Responsibilities
Manage and drive the development & maintenance of the Group-wide information security risk management framework (incl. IT/OT and Product)
Work with senior leadership and enterprise risk management (ERM) to establish risk appetite & tolerances for information security
Report consolidated and aggregated information security risks from across 1st line teams & ecosystems (IT, OT & Product) to senior management
Provide risk-based guidance and direction to operational and strategic projects, change initiatives and risk remediation activities
Manage and drive the development and maintenance of third-party risk and supplier security framework to ensure Volvo Group has visibility and oversight of risks stemming from third parties
Oversee third party security improvement programs
Oversee information security management control testing and report overall status and compliance to senior management
Manage and drive the Group-wide classification and prioritization of "crown jewel" assets according to business needs and strategic goals across all ecosystems (IT, OT, and Products)
Requirements and Qualifications
Master's degree in Information technology, cybersecurity, or related field
7+ years of experience in information assurance or similar role
5+ years of experience in information security risk assessment or related consulting or audit, (preferably in an industrial goods organization)
Strong understanding of information security controls and information security risks to identify and evaluate control effectiveness, and any potential gaps
Experience in third-party audits / assurance
Ability to work autonomously as well as part of a team and form effective partnerships across TD/BA/GFs to gain buy-in and inspire change
Industry certification/qualification
CRISC, CISA, CISSP, CCSP, ISO 27001 Lead Implementer
The position is open now and will be contracted as soon as possible. We will start screening as applications arrive, so don’t hesitate to send yours.
For more info please contact Thomas de Neergaard, SVP Group Security, CSO & CISO, thomas.de.neergaard@volvo.com
Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.
Sammanfattning
- Arbetsplats: Volvo Group
- 1 plats
- Tills vidare
- Heltid
- Fast månads- vecko- eller timlön
- Publicerat: 25 juli 2022
- Ansök senast: 15 augusti 2022
Besöksadress
**
Postadress
*Göteborg, 40508
Liknande jobb
IT-säkerhetsansvarig
Linköpings kommun
28 mars 2024
Chief Information Security Officer
BlueTeam Compliance
Stockholm
27 mars 2024
Chief Security Officer
Meet a Groups kund
13 mars 2024
Cybersecurity Specialist
Volvo Car Corporation
20 februari 2024