Information Security Risk Manager to Epiroc Group

Senior Information Security Risk Manager to Epiroc!

In order to ensure central control and an increased focus on Epiroc's digital security risks, a new Information Security Risk Management organization has been created. Information Security will be given higher visibility in the organization, as GIAA communicates regularly with Epiroc Group Senior Management and quarterly to the Audit Committee of the Board of Directors. This places Information Security at a level in line with its business impact.

At Group Internal Audit and Assurance, we aim to establish and maintain a solid internal control framework. By assessing the existing processes, business risks and internal controls with an innovative approach and competent teams, we will improve the internal control framework, reduce risk exposure and gain efficiencies within Epiroc. We are an agile function, we move with Epiroc's strategy and risks landscape, this is how we add value!

In GIAA, we believe that we are stronger together, and that all of us bring unique skills and competencies.

As Information Security Risk Manager you will:
* Serve as Chair of Epiroc's Information Security Council. This council will be responsible for the overall governance and strategy of Information Security globally
* Facilitate the creation/update of Information Security policies & procedures, control framework, requirements towards suppliers/customers and information classification matrix
* Conduct system/application risk assessments
* Facilitate survey and analysis of results of IT and Information Security Control Self-Assessment. As well as follow-up of Action Plan
* Collaborate on the development of the Information Security Training Awareness Program
* Conduct IT Security internal audits
* Lead corporate IT investigations requested by Epiroc IT and/or Management
* Audit test process for simulations related to Cyber Security, Ransom ware, IT Security Breach, etc.
* Regular communication and interaction with Epiroc Group Management and Audit Committee through monthly reports and participation in Audit Committee meetings.
* Conduct intelligence gathering in order to communicate Information Security risks and threats to stakeholders
* Serve as an advisor in all aspects related to Information Security

Skills and experience
* The ideal candidate has a bachelor or master's degree in related field of expertise together with extensive experience and solid understanding in Security, Data Protection, Cyber Security and IT Security.
* Experience as IT internal or external auditor is a plus as well as experience and/or knowledge from CISA, CISSP or CISM.
* High level of both verbal and written English is a must, an additional language is seen as a plus.
Personality
* Great communication and presentation skills in front of different forums (Division, Group Management and Audit Committee)
* Excellent risk analysis skills to be able to understand and identify risks and how different internal controls work in terms of remediating these risks
* Good understanding of the business in order to advise on the right priorities, while balancing the need to protect against running the business
* Strong ethics and adherence to Epiroc's Code of Conduct. You have a high degree of integrity and are known for "walking the talk"
* Set priorities according to importance and urgency. Ability to manage different tasks simultaneously. You are accountable and reliable to deliver what you promise
* Contribute to team performance. You can work together in a team, using combined capabilities for improved outcomes
* Accepting of cultural and personality differences. You are open-minded, curious, understand and learn from new perspectives
* Safety-minded. You see risks and act to minimize these for you and the people around you

Choose Epiroc
Epiroc has been elected as one of the top 10 most attractive employers for 2019 in Sweden by Randstad. Our highest scores were for the positive work environment, work-life balance, attractive salaries, environmentally friendly, as well as interesting work tasks.

Diversity is key to grow fresh and innovative ideas and solutions.

United. Inspired. Performance unites us, Innovation inspires us, and commitment drives us to keep moving forward.
In the 150 countries where you can find Epiroc, we encourage our employees to take ownership of their own development and careers with the support from their leaders.
We are committed to give you every opportunity to succeed in a culture of innovation, diversity and collaboration, combined with a caring atmosphere.
Diversity and sustainability are key to grow fresh and innovative ideas and solutions for our customers. Epiroc is a leading manufacturer for the mining and infrastructure industries. Learn more at www.epirocgroup.com

Does this sound interesting?
If you are interested in this position, you are welcome to send in your application as soon as possible. In this recruitment Epiroc is cooperating with Experis. If you have any questions regarding the recruitment please contact Recruitment Consultant Malin Magnusson +46 76-780 68 64/malin.magnusson@se.experis.com or Katarina Thomasson +46 70-231 28 05/ katarina.thomasson@se.experis.com