OBS! Ansökningsperioden för denna annonsen har
passerat.
Arbetsbeskrivning
Let’s be honest, finance is complicated!
So we at Arvato Financial Solutions are proud to be guiding international as well as renowned local companies through the complex world of cash flows. Whether our customers sell shoes in e-commerce or offer telecommunications services, our services ensure efficient credit management for the best possible financial performance. Our approximately 7,000 employees solve new challenges in payments and complex data riddles every day, and do so cleverly, analytically and with an eye for every little detail as that is our DNA. We are seeking colleagues who want to take an active part in this – whether they are young professional, IT specialists, data analysts, advisers, managers or lateral entrants. And thanks to our presence in around 20 countries with a focus on Europe and America, there will usually be the right job available nearby.
Do you have a proactive approach, the technical skills and are willing and eager to take the lead on, and form a long-term strategic agenda with regards to information security and compliance?
Based in any office in Stockholm or Uppsala, we are now looking for an Information Security Officer to develop our work within information security, and enforce our group-wide Information Security Management System (ISMS) policies and procedures, in our TECH organization (including our IT infrastructure).
Responsibilities
We need you to take lead off all aspects, and continuously improve the governance and management of security, to reflect changing technology, threat landscapes, regulatory requirements, and industry standard methodologies.
You will be managing our ISMS documents for security, spreading awareness, measuring the effectiveness, and providing assurance. You will also create security guidelines and concepts, as well as derivation of the resulting organizational and technical measures. For new solutions, services, and partners, you will assess the information security risks, do the necessary due diligence, and review evidence to ensure it is all up to par. You will coordinate the Information Security work within the TECH organization in close collaboration with our IT Security Manager.
You will also be coordinating the response in case of information security incidents, and carry out and evaluate analyses in the context of information security (BIA, fit-gap analysis, KPIs), as well as checking for plausibility and verifiability. Your support in the implementation of standards for increased security requirement like PCI DSS and other contiguous topics, especially business continuity management (BCM), ISAE3402 and ISO27001, is of course of the essence.
You are the contact person in questions of information security and related topics for the TECH organization. Conducting management reviews and regular coordination with executives.
Competency profile
Worked with information security in general for at least 5 years.
An experienced information security professional with a technical background.
Understands how information security assurance works in practice, and wants to optimize and simplify its application.
Understand how a development organization operates. Preferably experienced with agile development.
Have been managing an ISMS or parts of it, have created ISMS documents with a company understanding of their impact on the organization, especially developers.
Have experience working with engineers, product developers, management and users, as well as external stakeholders.
Experience working with cloud-based technology, understands how cloud architectures work and how security can be assured in them.
Fluent in written and spoken English. Can read and understand regulatory requirements and contracts without issues.