Vacant job

At Avaron, you get the security of a permanent position combined with the variety of working on-site with different clients. We recruit specialists in everything from technology, IT, and industry to project management and business support – and regardless of the assignment, you have a consultant manager there for you and your development.

You will step into a central role in a larger municipal operation where IT security is crucial for stable, secure, and sustainable digital services. Here, you will have overall responsibility for the IT security services throughout their lifecycle and become the connecting link between operations, IT, cyber security functions, suppliers, and other key stakeholders.

The role combines strategic, tactical, and operational work. You lead and coordinate development within reactive and proactive security work, compliance, and governance, with the goal of raising the organization's security capability to a more mature and long-term sustainable level. This means you contribute to a better ability to prevent and detect threats, while strengthening control, follow-up, and structure.

This is an exciting opportunity for you who want to make a real impact on security work in a complex environment with socially important and business-critical IT.

• You are responsible for ensuring that IT security services are appropriate, cost-effective, documented, and managed over time.
• You lead, coordinate, and further develop the work within IT security, focusing on reactive, proactive, governing, and follow-up measures.
• You drive the shift towards higher security maturity and a more long-term sustainable security level.
• You translate identified risks, business needs, and security requirements into prioritized measures.
• You coordinate requirements and expectations from various stakeholders and create clarity between operations, IT, and external parties.
• You create, develop, and manage governing documents such as service descriptions, service plans, maintenance plans, and development plans.
• You contribute to strengthened control and follow-up of IT security services and monitor developments in relevant regulations and standards.

• At least three years of work experience in IT security, cyber security, IT governance, or service management.
• At least three years of experience in the role of service owner, as well as experience in creating and managing service descriptions, service plans, maintenance plans, development plans, or equivalent governing documents.
• Experience in risk management and in translating identified risks, business needs, and security requirements into prioritized measures.
• Good understanding of central IT security areas, such as SOC, SIEM, EDR, IAM, vulnerability management, incident management, email security, and network security.
• At least 5 years of experience in municipal operations.
• Knowledge of relevant laws, regulations, and standards within information and cyber security, such as NIS2, the Cyber Security Act, GDPR, and ISO/IEC 27001.
• Fluent in Swedish, both spoken and written.

• Experience in procurement, ordering, implementation, or change of IT security services.
• Experience in defining and monitoring SLAs, KPIs, and other metrics for IT security services.
• Experience from a large and complex organization with socially important or business-critical IT.

• Permanent employment at Avaron AB
• Pension plan
• Wellness allowance of 5,000 SEK per year

We are recruiting continuously – please apply as soon as possible.