Senior IT Security & Risk Officer

Job Description
Our client is seeking a highly organized and detail-oriented Senior IT Security & Risk Officer to support cybersecurity governance activities within the Digital Services domain. This role is based at Lindholmen, Gothenburg, and focuses primarily on Information Security Management System (ISMS) coordination, audit planning, governance administration, and compliance support within a mature ISO 27001 certified environment.
The assignment is well suited for a consultant with solid experience in Governance, Risk, and Compliance (GRC), particularly within structured and regulated environments. The selected professional will collaborate closely with cybersecurity teams, auditors, and stakeholders to ensure security governance activities are effectively coordinated and continuously improved.
Key Responsibilities
ISMS Coordination & Governance Support
Coordinate and maintain ISMS-related documentation, governance activities, and security management plans.
Support ongoing administration and coordination activities within the cybersecurity governance function.

Audit Planning & Compliance Coordination
Organize and oversee internal ISO audits as well as external certification audit activities.
Manage audit schedules, evidence collection, action tracking, and reporting processes to ensure compliance readiness.

Risk & Security Assessment Support
Assist in reviewing and quality-assuring risk assessments and Threat Analysis and Risk Assessments (TARAs) conducted by internal teams.
Support security governance processes by ensuring consistency and adherence to established standards.

Regulatory & Framework Compliance
Contribute to compliance initiatives related to ISO 27001, NIS2, UNECE R155/R156, and other relevant regulatory frameworks.
Support gap assessments and continuous improvement activities as new security standards and requirements are introduced.

Continuous Improvement Activities
Collaborate with stakeholders to enhance governance processes, improve security documentation, and strengthen compliance procedures.
Monitor follow-up actions and support the implementation of corrective measures identified during audits and assessments.

Required Experience
3–5 years of experience within IT Security, Governance, Risk & Compliance (GRC), or security compliance functions.
Hands-on experience working with ISMS frameworks and audit coordination within ISO-certified environments.
Strong understanding of risk management methodologies and threat analysis concepts.
Proven experience in governance coordination, planning, and documentation management.

Education
Bachelor’s degree in Information Technology, Cyber Security, Information Security, Risk Management, or a related discipline is preferred.
Required Skills
ISO 27001
IT Security Governance
Governance, Risk & Compliance (GRC)
Audit Coordination
Risk Management
Security Compliance
ISMS Administration
Threat Analysis & Risk Assessment (TARA)
Documentation & Reporting
Security Governance

Preferred Qualifications & Knowledge
Familiarity with NIS2, GDPR, CRA, or UNECE R155/R156 regulations.
Experience working in agile delivery environments.
Exposure to incident response and security operations activities.
Swedish language proficiency is considered an advantage.

Personal Attributes
Highly structured and detail-focused approach to work.
Strong planning, coordination, and organizational capabilities.
Effective communicator with excellent stakeholder management skills.
Ability to work independently while collaborating across multiple teams.
Proactive mindset with a focus on continuous improvement and governance excellence.

Language Requirement
English – Professional proficiency required
Swedish – Preferred but not mandatory

Application Method: Interested candidates can apply by sending their profile to hr@semiconservicenordic.com