IT Security & Risk Officer Cybersecurity Governance & ISMS
Amaris ABPublicerad: 2026-05-19
Ansök senast: 2026-05-29
Beskrivning
We are looking for a structured and experienced IT Security & Risk Officer in Gothenburg to support cybersecurity governance activities within a mature ISO 27001 certified environment.
You will play a key role in coordinating and maintaining Information Security Management System (ISMS) activities, supporting compliance initiatives, and planning both internal and external security audits.
This assignment is ideal for a consultant with strong organizational skills, experience in security compliance, and the ability to work closely with multiple stakeholders in an international environment.
📍 Location: Gothenburg, Sweden
🗣 Language: English
📅 Experience Level: Junior to Mid-Level (3-6 years)
Your Responsibilities
Coordinate and maintain ISMS documentation, activities, and follow-up actions
Plan and coordinate internal ISO 27001 audits and external certification audits
Support cybersecurity governance and compliance initiatives
Perform gap analyses and contribute to continuous improvement activities
Support risk management activities and threat analysis (TARA)
Ensure alignment with security frameworks and regulations including:
ISO 27001
NIS2
UNECE R155 / R156
Collaborate with cross-functional teams in an agile environment
Support security reporting, planning, and follow-up activities
Required Skills & Experience
3-6+ years of experience within:
IT Security
Governance, Risk & Compliance (GRC)
Security Compliance
Hands-on experience working with ISMS in an ISO-certified environment
Experience coordinating internal and external security audits
Strong organizational, communication, and coordination skills
Good understanding of:
Risk management
Threat analysis
TARA methodologies
Professional proficiency in English (spoken and written)
Nice to Have
Experience with incident response activities
Exposure to GDPR and Cyber Resilience Act (CRA)
Experience working in agile environments
What We Offer
An international community bringing together 110+ different nationalities
An environment where trust has a central place: 70% of key leaders started their careers at entry-level positions
A robust training system with an internal Academy and 250+ available learning modules
A vibrant workplace with frequent internal events (afterworks, team buildings, etc.)
A strong commitment to sustainability, giving you the opportunity to turn ideas into action and make a tangible impact
Through the WeCare Together program, the opportunity to design and lead projects with real social or environmental impact, with full company support
Salary Range: From 38,333 SEK to 56,667 SEK (gross per month)
The stated salary falls within the established salary range for the position and is determined based on experience, skills, and level of responsibility, in accordance with our policy of fair and non-discriminatory compensation.
Amaris Consulting is proud to be an equal-opportunity workplace. We are committed to promoting diversity within the workforce and creating an inclusive working environment. We welcome applications from all qualified candidates regardless of gender, sexual orientation, race, ethnicity, beliefs, age, marital status, disability, or other characteristics.
Who are we?
Amaris Consulting is an independent technology consulting firm providing guidance and solutions to businesses. With more than 1000 clients across the globe, we have been rolling out solutions in major projects for over a decade - this is made possible by an international team of 7,600 people spread across 5 continents and more than 60 countries. Our solutions focus on four different Business Lines: Information System & Digital, Telecom, Life Sciences and Engineering. We're focused on building and nurturing a top talent community where all our team members can achieve their full potential. Amaris is your steppingstone to cross rivers of change, meet challenges and achieve all your projects with success.
At Amaris, we strive to provide our candidates with the best possible recruitment experience. We like to get to know our candidates, challenge them, and be able to give them proper feedback as quickly as possible. Here's what our recruitment process looks like:
Brief Call: Our process typically begins with a brief virtual/phone conversation to get to know you! The objective? Learn about you, understand your motivations, and make sure we have the right job for you!
Interviews (the average number of interviews is 3 - the number may vary depending on the level of seniority required for the position). During the interviews, you will meet people from our team: your line manager of course, but also other people related to your future role. We will talk in depth about you, your experience, and skills, but also about the position and what will be expected of you. Of course, you will also get to know Amaris: our culture, our roots, our teams, and your career opportunities!
Case study: Depending on the position, we may ask you to take a test. This could be a role play, a technical assessment, a problem-solving scenario, etc.
As you know, every person is different and so is every role in a company. That is why we have to adapt accordingly, and the process may differ slightly at times. However, please know that we always put ourselves in the candidate's shoes to ensure they have the best possible experience.
We look forward to meeting you!
You will play a key role in coordinating and maintaining Information Security Management System (ISMS) activities, supporting compliance initiatives, and planning both internal and external security audits.
This assignment is ideal for a consultant with strong organizational skills, experience in security compliance, and the ability to work closely with multiple stakeholders in an international environment.
📍 Location: Gothenburg, Sweden
🗣 Language: English
📅 Experience Level: Junior to Mid-Level (3-6 years)
Your Responsibilities
Coordinate and maintain ISMS documentation, activities, and follow-up actions
Plan and coordinate internal ISO 27001 audits and external certification audits
Support cybersecurity governance and compliance initiatives
Perform gap analyses and contribute to continuous improvement activities
Support risk management activities and threat analysis (TARA)
Ensure alignment with security frameworks and regulations including:
ISO 27001
NIS2
UNECE R155 / R156
Collaborate with cross-functional teams in an agile environment
Support security reporting, planning, and follow-up activities
Required Skills & Experience
3-6+ years of experience within:
IT Security
Governance, Risk & Compliance (GRC)
Security Compliance
Hands-on experience working with ISMS in an ISO-certified environment
Experience coordinating internal and external security audits
Strong organizational, communication, and coordination skills
Good understanding of:
Risk management
Threat analysis
TARA methodologies
Professional proficiency in English (spoken and written)
Nice to Have
Experience with incident response activities
Exposure to GDPR and Cyber Resilience Act (CRA)
Experience working in agile environments
What We Offer
An international community bringing together 110+ different nationalities
An environment where trust has a central place: 70% of key leaders started their careers at entry-level positions
A robust training system with an internal Academy and 250+ available learning modules
A vibrant workplace with frequent internal events (afterworks, team buildings, etc.)
A strong commitment to sustainability, giving you the opportunity to turn ideas into action and make a tangible impact
Through the WeCare Together program, the opportunity to design and lead projects with real social or environmental impact, with full company support
Salary Range: From 38,333 SEK to 56,667 SEK (gross per month)
The stated salary falls within the established salary range for the position and is determined based on experience, skills, and level of responsibility, in accordance with our policy of fair and non-discriminatory compensation.
Amaris Consulting is proud to be an equal-opportunity workplace. We are committed to promoting diversity within the workforce and creating an inclusive working environment. We welcome applications from all qualified candidates regardless of gender, sexual orientation, race, ethnicity, beliefs, age, marital status, disability, or other characteristics.
Who are we?
Amaris Consulting is an independent technology consulting firm providing guidance and solutions to businesses. With more than 1000 clients across the globe, we have been rolling out solutions in major projects for over a decade - this is made possible by an international team of 7,600 people spread across 5 continents and more than 60 countries. Our solutions focus on four different Business Lines: Information System & Digital, Telecom, Life Sciences and Engineering. We're focused on building and nurturing a top talent community where all our team members can achieve their full potential. Amaris is your steppingstone to cross rivers of change, meet challenges and achieve all your projects with success.
At Amaris, we strive to provide our candidates with the best possible recruitment experience. We like to get to know our candidates, challenge them, and be able to give them proper feedback as quickly as possible. Here's what our recruitment process looks like:
Brief Call: Our process typically begins with a brief virtual/phone conversation to get to know you! The objective? Learn about you, understand your motivations, and make sure we have the right job for you!
Interviews (the average number of interviews is 3 - the number may vary depending on the level of seniority required for the position). During the interviews, you will meet people from our team: your line manager of course, but also other people related to your future role. We will talk in depth about you, your experience, and skills, but also about the position and what will be expected of you. Of course, you will also get to know Amaris: our culture, our roots, our teams, and your career opportunities!
Case study: Depending on the position, we may ask you to take a test. This could be a role play, a technical assessment, a problem-solving scenario, etc.
As you know, every person is different and so is every role in a company. That is why we have to adapt accordingly, and the process may differ slightly at times. However, please know that we always put ourselves in the candidate's shoes to ensure they have the best possible experience.
We look forward to meeting you!
