Information Security Compliance Specialist to Trygg-Hansa

As our new senior Information Security Compliance specialist you will act as information security authority and advisor for IT & the business on IT compliance matters. You will manage and develop our IT control framework and audit processes, to ensure that our compliance setup is value adding from both a business and senior management perspective. Additionally, you will work closely with the rest of the Information Security team to link our internal control framework, risk assessments and external supplier risk assurance to mitigate our key risks in collaboration with IT and the business. You will be part of a strong and dedicated Information Security team of app. 16 people.

About the role

• Manage and developing our IT Risk Appetite control framework, to ensure control efficiency and effectiveness, and to deliver value adding management reporting on our key risks.
• Facilitate the control validation process, and support control owners and 2nd line assurance throughout the process.
• Conduct in depth spot-check of control effectiveness.
• Facilitate IT compliance process.
• Define, review and publish IT policies, SOPs and other compliance guidelines.
• Facilitate internal and external IT audits and function as link between IT organization and internal as well as external audit.
• Perform risk assessments and advise the business on Information Security matters.
• Conduct awareness training and define security guidelines for IT and the agile teams to operate.

About you

• 5+ years of experience with Information Security, Strong knowledge of security standards, tools, trends and legal requirements such as GDPR.
• Able to demonstrate good understanding of security related technologies and services such as security network, firewalls, cloud solutions and penetration testing to a level where you can advise the business.
• Experience with audits – possibly you have had a previous role as internal or external auditor
• Strong communication skills and able to keep a good relationship to internal and external stakeholders.
• Structured and persistent – able to make structure and oversight, and influence others in a constructive and pragmatic manner to get “fit for purpose” security implemented in the organization.
• Able to use insight on details in context – to add value and not get “stuck” in details.
• Work independently, proactive and feel comfortable in taking even difficult decisions.
• Strong writing as well as presentation skills.
• You are fluent in English and one of the Nordic languages

About the team

The CISO organisation consist of two teams; Information Security Management and Information Security Operations. Our CISO refers to the Scandinavian CIO. You will report to the Manager of Information Security Management and operate in a Scandinavian role across Sweden, Denmark and Norway. The position is based in Malmö or Copenhagen and some travel must be expected.

Welcome with your application

Trygg-Hansa collaborates with Wise IT in this recruitment process. You apply by following the link “Ansök utan CV”, please note that applications are not accepted by e-mail. For further information about the role, please contact recruitment consultant Anders Johansson by mail anders.johansson@wiseit.se or phone +46 702 306 3526.

About Trygg-Hansa

RSA is one of the world’s largest general insurance companies (top 6) with 20 million customers and 24.000 employees world-wide.

Our objective is to run general insurance businesses, with strong market positions, that deliver sustainable profitable performance. We provide insurance products and services in over 130 countries and have operations in more than 33 countries.

In northern Europe our business is managed through RSA Scandinavia, with strong local businesses and brands in Codan (Denmark), Trygg-Hansa (Sweden) and Codan Forsikring (Norway).