Chief Information and IT Security Officer (CISO)

Are You Ready to Work at One of Sweden's Largest Tech and Security Consulting Companies and Contribute to a Smart and Resilient Society? As Chief Information Security Officer (CISO) at Combitech, You Will Protect Our Internal Operations and Help Our Customers Safeguard Their Critical Assets. What We Offer At Combitech, we invest in our employees, who are the core, brain, and heart of our operations. We do this by focusing on your skills development and making it easy to balance work and everyday life. Our employees are key to building a smart and resilient society. We know that today's technology can only reach its full potential when the right people are in the right place utilizing it. We believe in the power of collective intelligence and experience - something that emerges when individuals with different skills and perspectives meet. That's why we prioritize diversity and inclusion, knowing it is crucial for increasing creativity, innovation, engagement, and well-being. Our customers span the public, private, civil, and military sectors - at all societal levels. We work with critical societal functions, total defense, and security protection. Additionally, we stand on a solid foundation of high-technology, research, and employment security, with defense and security group Saab as our owner. What the Role Entails As Information and IT Security Chief at Combitech, you will be responsible for leading and developing the systematic information and IT security work for our Swedish operations and Finnish and Indian subsidiaries, while also contributing to our parent company Saab's information security efforts. The position is part of our central security team, where you will report directly to the Security Chief. Your primary task is to coordinate Combitech's information and IT security work and contribute to the digitalization journey we are undertaking as a company. You will be responsible for conducting long-term work from strategic, tactical, and operational perspectives. We offer a diverse and varied role where you will monitor the external environment, ensure compliance with legal and contractual requirements, coordinate external audits, plan and conduct internal audits, develop and refine governing documents, processes, and methods, and serve as an expert in current operational and development projects. In this role, you will contribute to increased security awareness among our employees through advice and training, support risk assessments, define security requirements, coordinate IT system accreditation, and be responsible for incident management in the area. The role also involves close collaboration with our customers and supervisory authorities, and since we are part of Saab AB, cooperation with the group's security functions is a natural part of your work. The primary location for this position is Växjö or Linköping, but Stockholm and Lund may also be possible for the right candidate. This position involves regular travel for work. As the position involves work covered by defense secrecy, you must complete and pass a security review with register control. Selection will be ongoing. We look forward to your application! What We Are Looking For To be successful in the role, it is important that you have a strong commitment to information and IT security issues and can work independently to drive your projects forward while collaborating well with others. You are a solution-oriented person who can handle complex situations systematically and have a pedagogical and business-oriented approach. It is important that you have a good ability to express yourself verbally and in writing in both Swedish and English. Great importance will be placed on personal suitability. We are looking for someone with relevant education in information and/or IT security, and previous experience leading information security and/or IT security work in some form. We seek someone with experience working with security protection legislation and the ISO 27000 series, as well as other relevant regulations or best practices such as NIS, NIST, CIS Security Controls, etc. Additionally, it is meritorious if you have experience with Microsoft products, modern cloud-based solutions and Internet of Things (IoT), certification in information and/or IT security such as CISSP, CISA, CISM, ISMP, ITIL or equivalent, or certification in agile working methods, such as Product Owner or Scrum Master. Technical IT security competence is also meritorious. This can include protective measures, forensics, penetration testing, security testing, or vulnerability scanning. Knowledge of data protection work (GDPR) and/or NIS/NIS2, and experience from companies or authorities in total defense or critical societal functions is a plus. Experience in planning, leading, and conducting external and/or internal audits is also meritorious. Contact Person: Emil Engström, emil.engstrom (@) combitech.