- Esmane info
Business Continuity, Security & Facility team is looking for Information Security and Business Continuity Lead!
The IS & BC Lead is responsible for maintaining information security management and business continuity framework to ensure that assets and business processes are adequately protected. This position is responsible for identifying, evaluating and reporting on IS & BC risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. This position´s focus in information security is on Information Security Management System and physical security set-up. IT and cybersecurity related activities are carried out in cooperation with Ericsson IT department.
As an IS & BC Lead, you will:
Develop, maintain and publish up-to-date information security and Business Continuity policies, guidelines and procedures. Oversee the approval, training, and dissemination of security and business continuity policies and practices.
Monitor the external threat environment for emerging threats, and provide regular reporting on the status of the security and business continuity risks to teams and senior business leaders
Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security or business continuity event. Provide direction, support and in-house consulting in these areas.
Understand and interact with related disciplines to ensure the consistent application of policies and standards across all business units, including, but not limited to, privacy, risk management, compliance and business continuity management.
Ensure that security programs comply with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
Liaise among the corporate security and business continuity teams as required.
Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
In this role, it is important you have:
Higher education (Bsc, BA or higher)
2-year experience in the field of information security and/or risk management
Knowledge of ISO 22301, ISO 27001 (Lead auditor or Lead Implementer certifications preferred)
Good written and verbal communication skills and strong organizational skills
Project management skills: financial/budget management, scheduling and resource management
Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
Experience developing and maintaining policies, procedures, standards and guidelines
Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies
Opportunity to grow in diverse team and develop your career with us
Influence industry 4.0 development
Engaged and speak up environment
Work & life balance, sport opportunities etc