Join us on our transformation journey to the digital futureAt Group Digital & IT, we have a clear ambition to enable value creation at scale for the Volvo Group. With a new product centric operating model and digital technologies, we will produce digital offerings that are profitable, scalable, and differentiated. With Group Digital & IT, you will be part of a global and diverse team of highly skilled professionals, who learn continuously and embrace change to stay ahead. We have a very important role to play in reaching the Volvo Group ambitions for 2030. Do you want to be part of our transformation journey towards becoming the digital capability of the Group? The time is now.
Mission and contextThe EITS RCA Manager will focus on managing, assessing and documenting Volvo Group’s compliance and risk posture as they relate to its IT/OT assets. You will make sure, amongst other things, that 1) security requirements, internal processes and procedures are defined and updated, 2) risk are identified and managed, 3) controls are tested and that 4) exceptions are managed. By doing so, you will be at the forefront of the development and implementation of an EITS-wide IT/OT security risk management program and control environment.
You will be closely working together with senior leaders across Group Digital & IT and Group Security, and conduct effective analysis, analyze standards & regulations, and support in risk assessments and the development of directives, requirements and handbooks.
The successful candidate reports directly to the Senior Vice President of Enterprise IT Security.
Main Responsibilities- Lead the development and implementation of EITS-wide risk management function of the IT/OT program to ensure IT/OT risks are identified, monitored and reported
- Create regular risk & compliance reports and make recommendations to management regarding the adequacy of risk mitigating activities, security controls and compliance efforts
- Support and advice asset owners on IT/OT security risk management process
- Manage IT/OT security risk approvals/rejections through their lifecycle
- Facilitate development of the IT/OT security strategy, in particular considering Volvo Group’s security and enterprise risk strategy
- Ensure that activities, processes, and procedures within EITS meet defined directives, requirements, and regulations
- Work with auditors to satisfy internal and external audit requirements
- Provide input for IT/OT security decisions to ensure alignment with overall GD&IT strategy
- Facilitate IT/OT security compliance programs, in particular dealing with increasing number of audits, compliance checks and external assessment processes
- Support in responding to inbound customer security enquiries and questionnaires (e.g., as part of RFPs/tenders) for IT and OT across all Volvo Group
Requirements and Qualifications- 5+ years of advanced IT skills with a high level of information secrutiy experience & expertise
- Knowledge of information security risk management frameworks, risk management methodologies and compliance practices
- Understanding of common security and privacy standards, regulations, and laws (e.g., ISO 27001/2, GDPR)
- Ability to understand security requirements and guidelines based on best practices and industry standards
- Advanced understanding of and experience with GRC tools, strong leadership, and written and verbal communication
Industry certification/qualification- CISA, CRISC, Certified Business Continuity Professional
Are we a good match?In the Volvo Group, we have defined leadership as a set of observable behaviors that leaders exercise to achieve alignment towards our vision 2030, to better execute our strategy and for the Group to continuously renew itself in order to “Perform and Transform”. To reach our vision and deliver on our strong commitments, we need to pair “the will” with “the skill”. That is why our leadership principles are behavioral based. The principles
Lead with Passion, Perform with Purpose and Transform with Vision are our values in action, and they will strengthen our culture.
In your role as Line Manager, we expect you to develop your area of responsibility by having the ability to define the right priorities based on a
customer centric mindset. We encourage the ability to
drive business forward and act upon opportunities and ideas and transform them into value (financial, cultural, or social) for others. We create an environment where of
continuously improvements and learning maximize the outcome of our work.
To achieve our goals, we
collaborate within and across teams. We create a sense of
unity and trust by nurturing open dialogues and collective work. We build a work environment where
diversity in expertise, opinion and culture is valued.
The location for the position is Gothenburg, Sweden.Union representatives for Swedish applicants:Akademikerna – Therese Koggdal, +46 470 387855
Unionen – Johan Svedberg, +46 31 3222712
Ledarna – Ulrika Holmberg, +46 31 3225071
We are happy to get your application.Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.