Assignment Description:
We are looking for a Senior Cybersecurity Risk & Quality Assurance Manager to join our dynamic team.
What You’ll Do:
- Integrate cybersecurity risk management into the Enterprise Risk Management (ERM) framework, ensuring that all risks are identified, assessed, and effectively mitigated.
- Oversee and maintain the Security Control Framework aligned with industry standards such as NIST CSF and CIS Controls, ensuring comprehensive risk coverage and strong security controls.
- Manage the Threat Catalogue, regularly updating it to address emerging threats and shaping corresponding mitigation strategies.
- Define and drive a comprehensive cybersecurity quality assurance program, including penetration testing, red team exercises, vulnerability scanning, and control testing.
- Lead a continuous improvement program to adapt and enhance cybersecurity controls based on emerging threats, audit findings, and business needs.
- Ensure regulatory compliance by managing cybersecurity practices in alignment with applicable regulations and supporting regulatory audits and reporting.
- Develop and maintain cybersecurity reporting, including KPIs, KRIs, and maturity assessments, to measure the effectiveness of the security program and support decision-making processes.
What You Bring:
- 5+ years of experience in cybersecurity risk management, security control frameworks, and quality assurance.
- Expertise in security frameworks such as NIST CSF and CIS Controls, with hands-on experience in internal control testing, audits, and vulnerability assessments.
- Proven ability to drive continuous improvement programs and ensure the operational effectiveness of cybersecurity controls.
- Relevant certifications such as CISSP, CISM, or CRISC.
- Fluency in both Swedish and English.
- Familiarity with hybrid environments (on-premise and cloud) and experience with Lean-Agile or DevSecOps methodologies.
If this sounds interesting, please send your CV to cv@veritaz.se
