Security and Compliance Lead

About this opportunity:

We are seeking a highly skilled Security and Compliance Lead to join our team. As the Security and Compliance Lead for product areas integrating built-in security principles, your role is to ensure the security and compliance of products throughout their entire development lifecycle. This role comes under Product Area Customer Experience - Enterprise IT unit. You will lead the integration of security practices, collaborate with cross-functional teams, and foster a security-aware culture.

What you will do:

• Integration of Security Practices: Lead the integration of security practices into the Product Area (PA) workflow, ensuring security is embedded at every stage of the development process. Collaborate with development, operations, and security teams to implement security controls, automate security testing, and establish security checkpoints within the CI/CD pipeline.
• Built-in Security Features: Work closely with product development teams to design and implement built-in security features and controls. Conduct threat modeling exercises and integrate security controls directly into the product architecture and design.
• Security Automation and Orchestration: Utilize automation and orchestration tools to streamline security processes and workflows. Automate security scans, vulnerability assessments, and compliance checks, while orchestrating security tasks and responses to security incidents.
• Security Training and Awareness: Collaborate with the IT Security & Compliance team to provide tailored security training and awareness programs. Educate developers, operators, and other stakeholders about secure coding practices, cloud security fundamentals, and DevSecOps principles.
• Security Governance and Compliance Reporting: Adhere to governance frameworks for IT security practices and develop compliance reporting mechanisms to ensure alignment with industry standards and regulatory requirements.

The skills you bring:

• 10+ Years working experience in Security and Compliance.
• Analytical skills with proficiency in understanding information flows and strong analytical abilities.
• In-depth knowledge of security standards such as ISO 27000, NIST SP 800-53,
• NIST 800-171, GDPR, NIS 2, SSDF.
• Leadership experience leading global teams with high integrity and collaboration skills.
• Deep understanding of the operational interface between business and IT.
• Ability to prioritize and collaborate with various stakeholders to align IT-Security Solution delivery with organizational strategy.
• CISA, CISM, CISSP, ISO Lead Auditor, SAP Certification.
• Experience in a similar role within a large, complex organization.
• Security clearance is required.

Job Location: Sweden & India