Information Security Specialist
Workplace: Botkyrka, Sweden
Expires: October 7, 2025
As an Information Security Specialist at DeLaval, you will play a key role in the global efforts of information and cybersecurity, responsible for developing and managing risk management processes, supporting IT and business operations, and enhancing security awareness across the organization.
Main requirements:
- Minimum six years of experience in information security and risk management in a similar role
- Bachelor's degree or higher in information security, computer science, IT or equivalent practical experience
- Practical experience conducting detailed risk analyses in IT and cybersecurity environments
- Experience developing and implementing risk management strategies at management level
- Good knowledge of relevant frameworks such as ISO 27001, ISO 27005, ISO 31000, COSO, NIST CSF, and preferably NIS 2
- Fluent in English, both spoken and written
- Strong analytical and strategic thinking skills
- Excellent communication skills, able to explain complex issues to technical and non-technical audiences
- Proactive, self-driven, solution-oriented, and a team player
- Good problem-solving skills and adaptability to changing conditions
- Highly structured, meticulous, and engaged in information security issues
Responsibilities:
- Develop and implement a framework for information and cybersecurity risk management based on relevant standards (e.g., ISO 27000 series, NIST CSF, ISO 31000, COSO)
- Identify, analyze, and document security risks in close dialogue with the business
- Conduct third-party risk assessments ensuring compliance from suppliers
- Follow up and improve policies, procedures, and guidelines related to information security
- Support the information security manager in designing security strategies and reporting
- Conduct training and workshops on risk awareness and information security
- Contribute to monitoring and interpreting new security threats and regulatory requirements
- Participate in internal audits and follow up on identified risks and action plans
Required hard skills:
- Information and cybersecurity risk management
- Risk assessment and analysis in IT environments
- Knowledge of international security frameworks and standards (ISO 27001, ISO 27005, ISO 31000, COSO, NIST CSF, NIS 2)
- Policy and procedure development
- Training and workshop facilitation
- Internal audits and compliance monitoring
- Fluency in English
Recommended hard skills:
- Knowledge of Swedish language
- Knowledge of additional languages such as Polish, Chinese, or Spanish
- Experience with cybersecurity frameworks implementation
Soft skills:
- Analytical and strategic thinking
- Strong communication and pedagogical skills
- Proactive and self-driven
- Team player and collaborative
- Problem-solving and adaptability
- Structured and meticulous
- Strong engagement in information security
Frameworks:
- ISO 27000 series
- NIST Cybersecurity Framework (CSF)
- ISO 31000
- COSO
- ISO 27001
- ISO 27005
- NIS 2
Natural languages:
- English (Proficient)
- Swedish (Basic familiarity)
- Polish (Basic familiarity)
- Chinese (Basic familiarity)
- Spanish (Basic familiarity)
Cultural skills:
- Working in an innovative and sustainable global company environment
- Collaboration and knowledge sharing