Do you want to monitor and guide the Vattenfall IT organization on IT & Information security risks while staying on top of the latest digital security trends, technologies, laws and regulations? Do you also know this area well, have a pragmatic attitude and like to work in a dynamic international environment? Then you might be the Vattenfall IT Risk Officer that we are looking for to further strengthen our 2nd line of defense security function.
IT Security is an increasingly important area for Vattenfall business areas, which are facing ambitious digitalization agendas as well as increasing cyber threats and regulations. Therefore, we are looking for an experienced and ambitious person who is not afraid of asking critical questions and who constantly strives to improve how we manage risks around IT security and how we should mitigate these risks.
You will report directly to our Head of IT Quality within the CIO Office, but also have reporting duties to other functions in Vattenfall, e.g., Enterprise Risk Management and Corporate Security & Resilience.
Main tasks and responsibilities
You will be responsible for the planning, execution, reporting and improvement of the risk management framework within Vattenfall IT. This requires the continuous alignment with key stakeholders within the organization, to ensure the proper identification, assessment of and response to risks that could affect the security, stability and compliance of our operations. Responsibilities include:
• Maintaining the risk assessment methodology, framework, and metrics up to international standards (such as ISO 27000, 31000, COSO ERM), performing risk analysis on a tactical and strategic level and consequently reporting the current Vattenfall IT risk landscape to general management.
• Performing risk assessments including analysing current risks and identifying potential IT and information security risks that are affecting the company.
• Managing end-to-end risk remediation planning, resolution, and monitoring activities.
• Communicate risk policies and processes within Vattenfall IT, including leading, managing, and motivating staff across the organization to improve IT risk management to achieve tactical and strategic goals
• Develop and deliver management oriented Risk Management, metrics, governance, and reporting to support business and executive decision making.
• Risk reporting tailored to the relevant audience, including reporting to Vattenfall Enterprise Risk Management and Security Risk Management
• Ensuring strong and positive working relationships across the Vattenfall organization including IT Security Operations, Risk stakeholders within IT and business organization, and the Enterprise Risk Management and Corporate Security and Resilience unit
• Build and maintain an external network with other senior IT risk professionals, as well as applicable risk forums/bodies
As Vattenfall IT Risk Officer you will interact with many stakeholders in Vattenfall, as an advisor and problem solver, which will require good experience, knowledge, problem solving, and communication skills. We look for people with the following skills:
• A thorough understanding of risk management and control of IT systems, IT Security controls and the professional skills and abilities to develop, manage and oversee the VIT Risk management process in alignment with IT Governance, IT Security, Data Protection and VIT Strategy
• Good problem solving skills, including structuring, resolving, and communicating solutions around IT Risk management.
• Good analytical, numerical and reporting skills to assess, quantify and report IT and also business risks related to IT.
• Ability to take ownership of outcomes & the ability to work with business and IT teams to confront issues and drive performance. You take initiative and are proactive in addressing and resolving issues.
• Good communication skills, including both written and spoken communication.
• Good networking and interpersonal skills including good co-operation and collaboration capabilities in a distributed work environment.
• Proven technical or project management experience in IT infrastructure and/or application security areas/projects.
Your Background
To be successful in this position we believe that you have:
• An education and experience equivalent to a Bachelor’s degree with major course work in business, public administration, and/or information systems.
• A minimum of 4 years of experience in a relevant IT position in an international/corporate environment
• Fluency in written and spoken English. Good Swedish, German, Dutch language skills are of additional value.
• A risk management related certification (CRISC, ISO 27000, ISO 31000)
• Project management capabilities such as certification IPMA D are expected; IPMA C is also of high value.
At Vattenfall, we are convinced that striving for diversity helps build a more profitable, efficient and attractive company. Therefore, we seek a harmonious balance of employees in terms of age, religion, gender identity & expression, sexual identity, disability and ethnic background.
The location for the position is flexible across our Vattenfall main locations. We believe that you have the possibility to travel regularly to build international relationships within the team and with the relevant stakeholders, e.g. to the main Vattenfall locations like Stockholm, Berlin, Hamburg, Amsterdam, Gliwice, or Katowice.
The scope of the work is Vattenfall IT, which is organized internationally. Employees are located in the Netherlands, Germany, Sweden, and Poland.
Our Offer
Vattenfall is an exciting company to work for and we believe we have a lot to offer:
• The opportunity to work for a clean energy company that aims to create fossil-free energy within one generation.
• A challenging and international work environment and the possibility to work with some of the best in the field.
• Work in interdisciplinary teams where you can always count on support from committed and professional colleagues
• A professional environment where your knowledge and competence will be appreciated
• A healthy work-life balance (smart working) and time to develop your profession
• An international and multi-cultural work environment with energetic, motivated colleagues that like to have fun as well!
We welcome your application in English. The last day to apply is October 3rd, 2021.
We look forward to receiving your application!
For more information about the position you are welcome to contact hiring manager Fredrik Österberg via phone +46 70 294 0368. For more information about the recruitment process please contact Caroline Grammenos via phone +46 72 224 9701.
Trade Union representatives in Sweden via Vattenfall's switchboard +468-739 50 00:
Sofi Wadström (Akademikerna)
Inger Strandberg (Unionen)
Christer Gustafsson (Ledarna)
Lennart Bengtsson (SEKO).
Since Vattenfall is part of the Swedish critical infrastructure, many of our positions are security classed. This position is security classed, and final candidates will be subject to a security vetting process, according to Swedish legislation and after agreement with the applicants.