Vacant job

About the role

We are currently recruiting a ISO Compliance & Cyber Security Lead for a growing fintech company. This is a central role in the organization, involving overall responsibility for ISO work, cyber security, compliance, and governance related to quality, information security, and cyber security.

In this role, you are responsible for ensuring the company's ISO work is active, closely aligned with business operations, and always audit-ready. The work encompasses standards such as ISO 27001, ISO 9001, and ISO 14001, as well as regulatory requirements and laws related to cyber security, such as the Swedish Cyber Security Act. In addition to ISO work, you will play a key role in driving and developing the company's information security and cyber security efforts, where you identify risks, define security requirements, and ensure the organization works systematically to protect the business against external threats.

You will lead and drive the work by defining requirements, controls, measures, and working methods. The implementation of technical security measures is carried out by other internal or external parties, while you work closely with the business to ensure the organization follows the structures and processes that are established. You will work closely with the company's management and become a key person in developing structures, driving improvement work, and strengthening the organization's work with quality, risk, information security, and cyber security.

Your future responsibilities

In this role, you are responsible for developing and driving the organization's work with ISO and cyber security, ensuring that the company's work is structured, integrated into the business, and continuously monitored.

Your main areas of responsibility include, but are not limited to:

• Own and develop the company's ISO work, including policies, processes, and control structures.
• Ensure compliance with standards such as ISO 27001, ISO 9001, and ISO 14001.
• Drive and develop the organization's work with information security and cyber security at the governance level.
• Identify cyber security risks and propose measures to strengthen the organization's protection against external threats.
• Establish and monitor controls related to information security and cyber security, such as access management, logging, monitoring, and vulnerability management.
• Drive the organization's work with risk analyses, incident management, and deviation management.
• Coordinate and monitor internal audits, external audits, and certifications.
• Interpret and translate regulatory requirements, such as the Cyber Security Act, into practical working methods and controls within the organization.
• Support management by clearly reporting risks, status, and areas for improvement.

We are looking for someone who has

Experience working with ISO, information security, and cyber security, and who thrives in a role where you drive structure, governance, and improvement work in organizations.

Requirements

• Experience driving or managing ISO work and/or ISO management systems.
• Experience with information security and/or cyber security governance at the management level.
• Experience with risk management, audits, or compliance work.
• Ability to translate regulations and security requirements into concrete processes, controls, measures, and follow-ups.
• Experience working closely with business and management on issues related to compliance and risk.

Meritorious experience

• Experience with work related to the Cyber Security Act or similar regulatory requirements within cyber security.
• Experience with internal audits or coordination of external audits or certifications.
• Experience from SaaS, fintech, or other mission-critical environments.
• Experience with supplier audits or third-party risk.

As a person, you are independent, structured, and analytical, with a good ability to communicate complex issues in a clear, pedagogical, and business-relevant way. You are confident in setting requirements, driving change, and following up to ensure decisions are actually implemented in the organization.

Other information

• Start: As soon as possible
• Location: Northern Stockholm (Norrort)
• Scope: Full-time
• Employment type: Permanent with an initial probationary period

Please apply as soon as possible as we are conducting ongoing selection.

About Wrknest

At Wrknest, we don't do things like everyone else. We believe in constantly daring to see new opportunities and think differently. When we started, it was to challenge old ways of recruiting.

We live in an era of rapid digital development. Knowledge needs to be continuously renewed to remain relevant. Therefore, it is crucial to be able to pivot quickly. This means we do not solely look at a candidate's CV during recruitment. Instead, we look at the total potential and offer individualized upskilling. In this way, we can quickly match the knowledge needs that exist right now. Read more at www.wrknest.se (http://www.wrknest.se).