Information Security Specialist
Description:
Epiroc’s Information Security function develops and improves the information security within Epiroc. This is a great opportunity to be part of building a function and creating new ways of working – not just administering existing structures.
Join our team
As an Information Security Specialist, you will be part of the central Information Security organization with the objective of supporting the whole Epiroc organization and to reduce risk and security exposures across the Epiroc Group. You will report to the Head of Information Security.
Your mission
The mission for the role as an Information Security Specialist is to understand the threat landscape, improve the effectiveness of Epiroc's Cyber Security Program and protect business assets. We help the business to identify Information Security risks and required mitigating activities.
You will be responsible for the Security Awareness Training area and develop and deliver training on our new security awareness platform. Raising awareness and educating employees and business partners is a key activity in building a security culture.
As our Information Security Specialist, you will:
• Take the lead in developing and delivering Security Awareness Training
• Participate in risk assessments to reduce risk and security exposure for Epiroc
• Participate in the planning of information security risk assessments to examine and verify security capabilities and controls related to Epiroc’s information assets
• Communicate risk assessment findings and provide risk remediation guidance to key stakeholders
• Identify opportunities to improve risk posture and give advice for risk mitigation
• Develop and maintain risk management standards, processes and templates
• Participate in developing the Information Security Management System (ISMS)
• Participate in developing and delivering Supply Chain security assessments
• Manage information security projects
• Assist in M&A Activities to evaluate information security requirements
• Participate in improving Information Ownership & Classification
• Assist in developing intellectual property Asset Management
• Supporting the business in creating Business Impact Analyses
• Business Continuity support
• Participate in improving our Threat Intelligence and in monitoring & reporting information security KPIs
• Liaise with the IT Security team
Your profile
For this role we would like to see that you have a Bachelor's Degree in Business Information Systems, Cybersecurity, Computer Science, or a related field. Or if you have equivalent work experience.
You have at least 3-5 years of experience in the field.
High level of both verbal and written English. Additional languages are a plus.
Knowledge of regulatory compliance, including information security management frameworks (e.g., ISF Standard of Good Practice, NIST CSF, ISO2700x, SANS Top 20 Critical Security Controls, SOX, COBIT), is preferred.
Security certifications such as CISSP, CISA or CISM is a plus.
As for your personal skills we are looking for someone who has great communication and presentation skills. You have the ability to translate technical language into business terms, work independently, establish plans, report status and deliver according to plan. You also have a great business understanding together with analytical skills.
Location and travel
Location is depending on the candidate, preferably Stockholm, Sweden. Global travel may occur.
In case a candidate from a different country applies and is successful, Swedish local terms and conditions will apply.
Application and contact information
Please send your application, including CV and personal letter, by creating an account in our recruitment system as soon as possible but no later than 15th of June.
We review applications on a rolling basis. Please note that, due to the current regulations, we will only consider applications received through our system and not via email or social media.
For questions about the position please contact hiring manager Urmas Aamisepp, Head of Information Security on .
For questions about the recruitment process or application please contact: Recruitment specialist Dana Galova .
Life at Epiroc
By joining our team, you can expect an atmosphere of creativity, innovation, and workplace diversity. You will be a part of a group of skilled and helpful colleagues who live by our core values: Collaboration, Commitment, and Innovation. We work in a global environment with over 113 different nationalities!
In addition to the fact that we have a culture that is characterized by development combined with having a good balance between work and leisure, there are some things that makes us a little extra proud to work at Epiroc:
• Global career opportunities
• Epiroc University, for your own competence development
• Community involvement
• Benefits package, which amongst other things include flexible working hours and bonus.
A hybrid workplace
Life at Epiroc can include the possibility for a hybrid workplace. It is a way of working that offers flexibility and participation allowing for a better balance between work and private life, which also promotes well-being. The hybrid workplace is an opportunity if work allows, based on your role, responsibilities, and individual conditions.
United. Inspired. Performance unites us, Innovation inspires us, and commitment drives us to keep moving forward.
In the 150 countries where you can find Epiroc, we encourage our employees to take ownership of their own development and careers with the support from their leaders.
We are committed to give you every opportunity to succeed in a culture of innovation, diversity and collaboration, combined with a caring atmosphere.
Diversity and sustainability are key to grow fresh and innovative ideas and solutions for our customers. Epiroc is a leading manufacturer for the mining and infrastructure industries. Learn more at