IT Security & Risk Officer

Om jobbet

Job Description

We are seeking a proactive IT Security & Risk Officer for our client to support cybersecurity, risk management, and compliance initiatives across the organization. The role is cross-functional, combining strategic security development with hands-on operational execution.

Key responsibilities include:

Performing and quality-assuring Threat Analysis and Risk Assessments (TARAs)

Supporting and participating in security audits

Managing and improving operational cybersecurity processes

Driving a "Security by Design" culture across teams

Ensuring compliance with ISO 27001, NIS2, UNECE R155/R156, CRA, and GDPR

Applying lean governance principles to strengthen risk posture while maintaining business value delivery

Collaborating with Enterprise Architecture and DevSecOps teams

Aligning security with architecture, product development, and operational stakeholders

The role focuses on strengthening cybersecurity capabilities while reducing business risks and maintaining strong delivery capacity.

Skills Needed

Required Skills:

Security Governance

ISO 27001

NIS2

GDPR

UNECE R155/R156

CRA (Cyber Resilience Act)

CIA Triad (Confidentiality, Integrity, Availability)

TARA (Threat Analysis & Risk Assessment)

Preferred Skills:

Agile methodologies

AWS

Automotive cybersecurity standards

Incident Response

Crisis Management

Digital Forensics

Education

Bachelor's or Master's degree in:

Cybersecurity

Information Security

Computer Science

Information Technology

or equivalent professional experience.

Relevant certifications (preferred but not mandatory):

ISO 27001 Lead Implementer / Lead Auditor

CISSP

CISM

AWS Security Certification

Language Requirement

English - Proficient

Apply via email: hr@semiconservicenordic.com