Vacant job

We are a well-funded startup building tools to help society withstand and adapt to security threats, natural disasters, extreme weather, and other risks. Our platform enables simulation, scenario planning, incident management, and early warning, and is used in environments where availability, robustness, and security are crucial.

We work closely with actors within government agencies and critical infrastructure, which entails high demands for both technical security and compliance with regulatory requirements.

We are looking for a Senior IT & Information Security Officer who wants to help build and develop security work in a business where security is a central part of the operations.

This is a senior and business-close role for you who thrive in the intersection between security, technology, and business. As one of the first security functions in the company, you will have significant mandate to influence how we work with information and IT security. The role is hands-on and involves you driving and executing large parts of the security work in close collaboration with the business.

You will work closely with leadership, product, and technology in an environment where regulatory requirements, societal benefit, and security go hand in hand.

• Ensure compliance with the Security Protection Act, NIS2/Cyber Security Act, and ISO 27001
• Drive the organization's work within information security, IT security, risk management, and incident management
• Responsible for information classification, information labeling, security policies, and other governing documents
• Establish and lead incident and crisis management processes and act as the primary contact point for relevant authorities during incident reporting
• Conduct vendor assessments and due diligence work with a focus on supply chain security
• Develop and implement educational initiatives within information and cyber security
• Report security status, risks, and compliance to leadership and other decision-makers
• Translate regulatory, operational, and security-related requirements into product strategy, priorities, and business improvements

You are a pragmatic and action-oriented person who thrives in a role where you combine strategic thinking with operational execution. You naturally take ownership, build trust with various stakeholders, and have the ability to bring the organization along in security matters.

You appreciate environments where much is still under construction and where you have the opportunity to influence both working methods and direction.

• Extensive experience working within information security, IT security, or security governance
• Documented experience in applying the Security Protection Act and NIS2/Cyber Security Act in practice
• Experience in developing and implementing security processes, governance models, and risk management work
• Experience working in complex environments with many stakeholders and high demands for security and compliance
• Ability to translate regulatory and business requirements into concrete actions and priorities
• Fluent in Swedish and English, both spoken and written

Experience working according to ISO 27001 as well as certifications such as CISSP, CISM, or equivalent is advantageous.

Competitive compensation and long-term upside in a company with strong growth and a clear societal benefit purpose.

A flexible work environment with a large mandate to influence, where you get the opportunity to build and develop security work in close collaboration with leadership, product, and technology.

For final candidates, we conduct a thorough background check via an external provider. The role is subject to security clearance.