Vacant job

Avaron AB is a growing consulting company focused on technology, finance, and operational support. We match your expertise with the most interesting assignments in the market and offer a platform where your development is at the center.

We are looking for an experienced specialist in information security with a focus on the EU directive NIS2. You will support an organization in implementing NIS2 and adapting work processes to the new Swedish cybersecurity legislation and related regulations. The assignment involves leading and coordinating the implementation work, with a clear focus on governance, risk, incident management, and compliance.

You will play a central role in establishing and anchoring routines and processes for information security, as well as ensuring that management and relevant functions have the right insight into regulations and responsibilities.

• Lead and coordinate the implementation of NIS2 and related cybersecurity legislation.
• Map digital systems and support the work of clarifying ownership (e.g., asset owners).
• Conduct information classifications and risk analyses.
• Develop and establish processes for incident management in line with directive requirements.
• Ensure that personal data processing is conducted in accordance with legislation and governing documents.
• Support supplier controls from an information security perspective.
• Work with registration and access management in the organization's reporting system (ISDB).
• Contribute to anchoring and communication so that relevant parts of the organization understand the requirements and can work systematically with compliance.

• Experience in information security.
• Experience in coordinating and developing information security work.
• Knowledge of personal data processing according to legislation.
• Experience in information classifications and risk analyses.

• Knowledge of MSB's regulations on information security, the NIS directive, and confidentiality legislation.
• Previous experience from similar projects and organizations.
• Documented experience in leading information security work.
• Good competence in information security as well as relevant laws, regulations, and governing documents.
• Knowledge of project management and process and system development.

Our positions may be filled before the application deadline, as we handle applications on an ongoing basis. We therefore recommend that you apply as soon as possible.