Information Security Controller

Svenska Cellulosa Aktiebolaget
SCA is a leading global hygiene and forest products company. The Group develops and produces sustainable personal care, tissue and forest products. Sales are conducted in about 100 countries under many strong brands, including the leading global brands TENA and Tork, and regional brands, such as Libero, Libresse, Lotus, Nosotras, Saba, Tempo, Vinda and Zewa. As Europe’s largest private forest owner, SCA places considerable emphasis on sustainable forest management. The Group has about 44,000 employees. Sales in 2015 amounted to approximately SEK 115bn (EUR 12.3bn). SCA was founded in 1929, has its headquarters in Stockholm, Sweden, and is listed on NASDAQ OMX Stockholm. For more information, visit www.sca.com
 

Overview
 
The Information Security Function establishes and manages SCA Group’s information security on behalf of CIO. Security is governed and managed through SCA Information Security Management System (ISMS). An Information Security Controller has a broad responsibility to cover tasks in all parts of the ISMS. The Controller reports to Director Information Security.
Each team member’s responsibility is defined annually and is assigned based on the company’s current risk exposure, the team member’s competences and individual development goals.
The geographical scope is global, but the position is preferably located in Ismaning or Gothenburg, however any other of SCA IT Services locations can be considered.



Main Responsibilities
 

Continuous technology and information risk watch.
Risk management, provide security guidance to the company including IT colleagues. Support and follow up on remediating activities.
Manage incidents and service requests addressed through the Service Desk systems.
Continuous improvement of the ISMS.
Evolve SCA’s information security capability consistent with the risk portfolio. Security awareness activities.
IT security governance and monthly monitoring, give directions and following up through compliance management.
Conduct internal information security audits on SCA sites based on SCA information security standards. Coordination of external ITGC audits.
Compile reports to IT Management providing assurance that information security is being adequately addressed.

Experience and Qualification Requirements
 

High ability to deliver results within agreed time.
Quality oriented with high documentation and presentation skills.
Ability to act and take decisions based on risk evaluation. Balancing risk acceptance with putting clear requirements on the SCA organization including IT colleagues.
A team-player who is self-motivated with a positive attitude.
University degree in computer science or similar.
CISSP certification or other proof of experience and competence.
More than 3 years of experience in information security roles.
A freshly graduated applicant can be considered, but will require location in in Gothenburg for at least three years.

Additional Information
 
Please mind that we only accept online applications in English.
If you have questions, please contact IT Director Information Security: mats.gustavsson@sca.com
SCA kindly but firmly declines direct contact with recruiting and staffing agencies, as well as job advertising sellers.