Your Challenge
As CISO, you are responsible for the Information Security and Data Privacy department. Data privacy regulations are being strengthened outside GDPR and the EU and need global coordination in terms of regulatory compliance. As a CISO, you report to the CIO and are a key member of the global IT management team. In the role, you are also expected to act as program manager for the ongoing implementation of the Petronas cyber security framework in both IT and OT environments.
This includes:
- Develop and maintain information security and data privacy for the Perstorp Group
- Manage security- and risk-related aspects of data protection and of information security as well as the legal compliance of Data Privacy in a global context
- Lead the continued alignment and implementation of the Perstorp Information Security framework with the PETRONAS cybersecurity framework
- Improve and align the Information Security Lead System to the PETRONAS Cyber Security Governance Framework based on NIST
- Manage and coordinate data privacy activities for global compliance
- Supervise and conduct internal information security and data privacy audits and audits of new services and products as well as assisting external audits
The Team and Workplace
You will be part of the Group IT management team and work closely with our Cyber Security Officer as well as our Cyber Security team, where we work in close collaboration with both local and global units. With us, you get a modern work environment with flexible working methods and the opportunity to influence the company's security strategies on both a local and global level. You will report directly to the CIO and work closely with the IT management team. The office is located in Perstorp, with the possibility to work remotely several days a week.
About You
To be successful in the role, we expect you to have deep knowledge in Information Security, as well as experience in leading security work in an international environment.
You thrive in a role where you can influence and drive change and look forward to further developing your leadership and security skills in a global context.
You have experience with security frameworks such as NIST, ISO 27001, CIS Critical Security Controls as well as legal requirements from the Data Protection Regulation. It is meritorious if you also have knowledge of legislation such as NIS directives and security protection laws. It is also an advantage if you have experience working with security in cloud solutions.
You create understanding, progress and trust through responsibility and clear, effective and engaging communication, ensuring that you engage different parts of the organization in safety matters.
As a person, you have a strategic way of thinking, a drive and willingness to support and find solutions. You are a structured person with great analytical skills. You are confident in communicating in Swedish and English both verbally and in writing.