Information Security Risk & Assurance Lead

Information Security Risk & Assurance Lead

Arbetsbeskrivning

Information Security Risk & Assurance Lead


Mission and context
In this role you will work across all businesses of Volvo Group to drive resilience and information assurance for operational, development and business teams. You are responsible to establish the control processes and information risk frameworks to ensure risk mitigation, and to define an effective and comprehensive control framework so that Volvo Group operates securely across all ecosystems (IT, OT, and Product).


You will further lead and improve the 3rd party information security risk management framework and ensure visibility and oversight of information security risks across TD/BA/GFs.


The successful candidate reports directly to the Vice President Information & Cybersecurity.


Main Responsibilities
Manage and drive the development & maintenance of the Group-wide information security risk management framework (incl. IT/OT and Product)
Work with senior leadership and enterprise risk management (ERM) to establish risk appetite & tolerances for information security
Report consolidated and aggregated information security risks from across 1st line teams & ecosystems (IT, OT & Product) to senior management
Provide risk-based guidance and direction to operational and strategic projects, change initiatives and risk remediation activities
Manage and drive the development and maintenance of third-party risk and supplier security framework to ensure Volvo Group has visibility and oversight of risks stemming from third parties
Oversee third party security improvement programs
Oversee information security management control testing and report overall status and compliance to senior management
Manage and drive the Group-wide classification and prioritization of "crown jewel" assets according to business needs and strategic goals across all ecosystems (IT, OT, and Products)



Requirements and Qualifications
Master's degree in Information technology, cybersecurity, or related field
7+ years of experience in information assurance or similar role
5+ years of experience in information security risk assessment or related consulting or audit, (preferably in an industrial goods organization)
Strong understanding of information security controls and information security risks to identify and evaluate control effectiveness, and any potential gaps
Experience in third-party audits / assurance
Ability to work autonomously as well as part of a team and form effective partnerships across TD/BA/GFs to gain buy-in and inspire change



Industry certification/qualification
CRISC, CISA, CISSP, CCSP, ISO 27001 Lead Implementer

The position is open now and will be contracted as soon as possible. We will start screening as applications arrive, so don’t hesitate to send yours.


For more info please contact Thomas de Neergaard, SVP Group Security, CSO & CISO, thomas.de.neergaard@volvo.com


Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.

Sammanfattning

  • Arbetsplats: Volvo Group
  • 1 plats
  • Tills vidare
  • Heltid
  • Fast månads- vecko- eller timlön
  • Publicerat: 25 juli 2022
  • Ansök senast: 15 augusti 2022

Besöksadress

*
*

Postadress

*
Göteborg, 40508

Liknande jobb


Chef till säkerhets- och lokalenheten

Chef till säkerhets- och lokalenheten

27 juni 2024

UX Designer

UX Designer

24 juni 2024

Software Engineer

Software Engineer

24 juni 2024