Information Security Officer in Security Governance to SEB, Stockholm

SEB is looking for an experienced Information Security Officer to join Group Security & Cyber Defence with focus on Supplier Security assurance.

You will be a part of the Security Governance team and work with a group highly skilled professionals managing and improving SEB information security governance, security awareness & culture and security assessments. You should be able to take a strategic and holistic approach for the needs today and in the future, ensuring SEB is a trusted and reliable financial institution. The role offers you an excellent opportunity to grow and work with some of the best specialists in the industry. The position is based in Arenastaden in Stockholm and will report to Head of Security Governance.

What you will be doing?

We work at various levels with the aim to increase the bank’s resilience against all threats. Our customers security and the regulatory requirements within the area of security is one of our main priorities. Safeguarding information security within supply chains is crucial for protecting organizations, their data, and ultimately their consumers, particular since cyber supply chain incidents have become increasingly prevalent, posing significant risk to the organisations

In this role you will be part of building up our security assurance program with the objective of ensuring that our third parties adhere to our SEB’ security standards, contract agreements, regulatory requirements and industry best practise throughout the contract lifecycle. The security assurance program includes building internal organisational capabilities, training programs and resources to educate internal teams on security assurance in order to safeguard SEB’s security posture and protect our customers.

To be successful in this role you need to build a deep and broad understanding of security across SEB including governance, security requirements, regulations, our third party landscape and our business context. You should be able to take a strategic and holistic approach for the needs today and in the future, ensuring SEB is trusted and reliable financial institution.

In your role you will work closely with various stakeholders including third parties, internal stakeholders and security colleagues in order to ensure holistic security level.

Your responsibilities include:

• Be part of building our Security assurance program to ensure compliance with security requirements agreed with our 3rd party partners including regulatory requirements and industry best practises throughout the contract lifecycle
• Establish and execute on a risk-based security assurance plan
• Lead security assurance audits with 3rd parties, including onsite assessments and remote reviews
• Analyse and assess security controls and identify areas of improvement
• Communicate with management and relevant stakeholders on findings, recommendations and the status of assurance activities
• Collaborate with cross functional teams to develop remediation plans and monitor progress
• Ensure the confidentiality, integrity, and availability of information assets and systems
• Develop and maintain a deep understanding of relevant regulatory requirements and compliance frameworks
• Create training programs and resources to educate internal teams on third-party security assurance
• Support internal stakeholders to improve SEB’s capabilities to manage security through the lifecycle of our third party arrangement process
  
  

Who are we looking for:

You are a social, open, communicative, and ambitious team player full of drive and optimism. We also believe that you are a problem solver with an innovative, service minded and flexible mindset. All with high integrity and ethical standards with the best interest of SEB and its customers in mind.

Furthermore, we are looking for the following experience:

• Bachelor’s or masters degree in computer science, information security, information technology or relevant field. Minimum 8 years of experience in security audit or similar
• Familiar with regulatory requirements and security frameworks such as FI FFFS, ISO 27001/2, NIST 800-53, CIS 18, Soc 2, PCI-DDS or DORA.
• Relevant certifications (e.g., CISA, CISSP, CISM, CRISC) are preferred and considered an advantage.
• Experience in developing and maintain audit programmes
• Experience in supply chain security or vendor management
  
  

The selected candidate for this role will need to undergo an extended background screening before an offer can be issued.

Ready to take the next step on your career journey?

Welcome to our inclusive culture, where our shared values inspire and uplift our team. We celebrate diversity and strive to ensure every employee feels seen, heard, and valued.

Since we select candidates continuously, feel free to send in your application today, but no later than 2024-11-20. If you have questions about the position, contact Christine Dovander via [email protected]

Learn more about working at SEB www.sebgroup.com/career

It is our fundamental belief that inclusion and diversity is crucial for our future success. We strive to have an inclusive, value driven culture where employees feel valued, respected and involved irrespective of who they are, what they believe or where they come from.