Are you ready to shape Volvo's risk management capabilities together with us?
At Volvo Group we put great value towards effective and efficient cyber security. Risk management is an essential part of the puzzle, rendering high management attention. In this role you will work closely to our cyber security team and business stakeholders to identify, assess, mitigate and report on cyber risks to support a balanced distribution of responsibility and risk ownership across the group. We are looking for both senior and junior candidates. This is us, your new colleagues
Volvo Group drives prosperity through transport solutions, offering trucks, buses, construction equipment, power solutions for marine and industrial applications, financing and services that increase our customers’ uptime and productivity. Founded in 1927, the Volvo Group is committed to shaping the future landscape of sustainable transport and infrastructure solutions.
We, at Enterprise IT Security, are on a mission to secure the digital journey for the Volvo Group. We work closely together with stakeholders across several Truck Divisions (TDs), Business Areas (BAs), and Group Functions (GFs). While the BAs are responsible for driving the business, the TDs provide research, development, purchasing, manufacturing, and assembly. Within Volvo Group, the GFs own the Group agenda, provide strategic direction, and have global responsibility in group-wide functions such as IT, legal, compliance, and security.
With Enterprise IT Security (EITS), you will be part of Group Digital & IT (a Group Function). A global and diverse team of highly skilled professionals who work with passion, trust each other, and embrace change to stay ahead. Enterprise IT Security works in close collaboration with other security functions throughout the organization. Together we strive for a best-in-class cyber security posture.
Your team will be the Risk, Compliance and Audit (RCA) within EITS. An ambitious new team that values growth. We are a new function that orchestrates the identification, assessment, mitigation, and reporting of IT and OT security risks. We assess and monitor compliance with external and internal security requirements and oversee IT related audits and mitigating activities. This is how you can make an impact
Your main tasks and responsibilities include:
- Developing our IT and OT security risk management framework
- Establishing processes and procedures for continuous IT and OT security risk management
- Working closely with a range of stakeholders to identify IT and OT security risks
- Conducting risk assessments
- Reporting on risk exposure
- Identifying and advising on effective measures to mitigate risks
- Following up and reporting on mitigation activities
- Advising and assisting colleagues in the area of IT and OT security risk management
- Driving our agenda to continuously improve our risk management capabilities
To be successful in this role you should have an urge to learn and develop. Keep up to speed with the threat and risk landscape, the regulatory environment, our business strategies, emerging technologies and how new technologies and ways of working alter our risk and control posture. Who are you?
You are a motivated person that contributes to both successful completion of our objectives, as well as to the team spirit of EITS, RCA. You are well structured with an ambition that makes you complete tasks within given timeframes, and you equally enjoy working in a team as well as your own tasks. To be succesfull in this role you should have:
- Genuine interest in cyber security
- Experience of IT and/or OT security risk management
- Good insight in risk management frameworks
- Experience with conducting risk assessments
- Communicating risks to all levels of the organization, executives as well as subject matter experts
- Master’s/Bachelor's degree or equivalent experience
- Fluent English speaker
- Possession of, or willingness to earn, relevant certifications, such as CRISC, CISM, CISSP, CISA, or other risk management or cyber security related certifications.
- Experience in third party risk management, due diligence, and assessments/audits
- Practical understanding of Industry Standards such as ISO27000 series, NIST framework.
As a member of the RCA team, you will be supported in your growth and work in an environment of highly passionate and motivated people, that value psychological safety and trust among their team members.
You shall possess personal attributes to enable acting professionally in accordance with our principles and be:
Are we the perfect match?
- Service minded
- Tenacious, persistent, and focused on achieving objectives and delivering on time
- Decisive, and capable of reaching timely conclusions based on logical reasoning and analysis.
Yes, we are if you want to join the journey of building RCA into a high-performing team that has fun at work while delivering great stuff. You contribute with your personality and experience from the IT risk management field, and we give you the right context, a supportive manager and a great opportunity to grow in a multinational global organization. Curious?
Send in your application and learn more about the role and how we can help each other on our future journey! For more information or any questions, contact Bianca, Head of Cyber Security Risk Management at firstname.lastname@example.org
. Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.