
ICT Risk Officer – Cyber Security and Resilience
- Sundbyberg, Stockholm
- Permanent
- Full-time
- Develop Swedbank's top-down approach to cyber risk and operational resilience, from a second line perspective, considering regulatory requirements, standards and best practices (such as EU DORA, EBA guidelines, ISO 27001/5, Cobit, and TOGAF).
- Integrate the concept of cyber risk management into the wider operational resilience domains and risk management framework, including controls, reference architecture, strategy, governance and processes.
- Collaborate with other subject matter experts to provide cutting-edge advice and support to first line on cyber risk, cyber security and security architecture.
- Independently assess, monitor and report on current and emerging risks on cyber, AI, ICT, third parties and business continuity/disruptions.
- Exercise credible challenge, validation and oversight on first line practices on cyber, ICT, third parties and business continuity-related risks and processes.
- Work closely together with first line of defence specialist units to keep cyber, ICT, third parties and business continuity-related risks within risk appetite.
- A bachelor's or master's degree in computer science, business administration, law, cyber security, data, political science, or equivalent.
- At least 10 years of experience in the fields of cyber security, cyber resilience and/or cyber risk management.
- Hands-on experience from hybrid environments, security architecture and specialisation in domains such as modern identity and access management, information protection, endpoint security, network security, application security, data security, incident detection & response, and/or continuity/recovery.
- Hands-on experience in working with industry best practices, reference architecture, and control frameworks; credentials/certifications are beneficial.
- Understanding of the risk, supervisory and regulatory landscape on operational resilience, security, governance, and operational risk management, from financial services or another highly regulated industry.
- Business-value and outcome-driven approach with an interest in tech, resilience and security and keeping up to date with emerging trends, tech and threats.
- The ability to work strategically yet challenge details and communicate and interact with stakeholders throughout the organisation, specialists and executives alike, and being a trusted advisor and making sense of the complex.
- Self-reliant and methodical problem-solver who gets stuff done, yet with a collaborative, curious and engaging approach.
- Personal and professional growth through self-leadership and continuous development.
- Meaningful work that positively impacts our workplace, our customers, and society.
- An open and collaborative culture that encourages cross-functional teamwork and provides networking opportunities.
- A supportive and inclusive environment that promotes a balanced and sustainable work-life, with flexible working conditions when suitable for the role.