Application security governance officer

Application security governance officer

Arbetsbeskrivning

We, at Enterprise IT Security, are on a mission to secure the IT journey for the Volvo Group. We work closely together with stakeholders across several Business Areas (BAs), Truck Divisions (TDs), and Group Functions (GFs). While the BAs are responsible for driving the business, the TDs provide research, development, manufacturing and assembly. Within Volvo Group, the GFs own the Group agenda, provide strategic direction and have global responsibility.


With Enterprise IT Security you will be part of Group Digital & IT (Group Function). A global and diverse team of highly skilled professionals who work with passion, trust each other and embrace change to stay ahead.


Your main activities and responsibilities
Application security governance officer steers and provides oversight on all application security activities within the Volvo Group. Is setting the goals, supervising the execution and leading verification through network of stakeholders. Governance officer also ensures application security remains an enabler for the business and technology related risks are managed within the organization’s risk appetite.




In your role you will be responsible for:
Setting the requirements and high-level goals for application security area in Volvo Group
Tailoring and maintaining the application security management framework including legacy and modern SDLC/DevSecOps areas
Supporting implementation of the SDLC and DevSecOps in Volvo Group
Supervising vulnerability management process for the application area
Cooperating with IT delivery units to improve application security posture
Responsible to define process measurements and develop measurement system for application vulnerabilities
Contributing to reporting function and its execution within application security creation, implementation and risk mitigation processes
Cooperating with core Volvo Group D&IT departments and external suppliers to strengthen application security area





Your background
You have proven leadership for activities implementing and maintaining application security governance and management system and related controls in the medium/high sized organizations and projects.
You have a good understanding of the IT security challenges in the current and future state of large enterprises such as Volvo Group to prepare the organization with the right processes, skills, relationships, and capabilities against growing IT security risks.
Your ability to establish and maintain good relations with your internal and external stakeholders will be essential to succeed in this role.



Hard skills and knowledge:
Application security framework implementation, SDLC/DevSecOps implementation, SAST/DAST/SCA scan engines implementation, vulnerability management, risk assessment, exemption handling, stakeholders management
Applied knowledge of modern application security area concepts like cloud security, container security, api security, IaaS code security, modern IAM concepts like zero trust model or OAuth2/OIDC, etc.
Experience in implementation of the cloud related controls in application security area
Proven knowledge of one or more well-known cyber-security frameworks (like ISF, NIST, SCF, ISO 27x, OWASP, etc.)





Minimum Education and Experience:
Bachelor or Masters Degree in Information Technology, Information Systems, Engineering, a related field or equivalent work experience
10+ years experience in IT Operations, Security & Development



We are looking forward to seeing your application!


Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.


Application screening will start immediately; we look forward to receiving your application as soon as possible.

Sammanfattning

  • Arbetsplats: Volvo Group
  • 2 platser
  • Tills vidare
  • Heltid
  • Fast månads- vecko- eller timlön
  • Publicerat: 2 februari 2023
  • Ansök senast: 28 februari 2023

Besöksadress

*
*

Postadress

*
Göteborg, 40508

Liknande jobb


Platform Developer

Platform Developer

22 november 2024

Acting Product Manager

Acting Product Manager

22 november 2024