Chief Information Security Officer (CISO)

Chief Information Security Officer (CISO), C-level

Location: Gdańsk, Poland (hybrid - Marynarki Polskiej 163 C200 Office)

Travelling to Norway, Oslo sometimes.

Contact: Agnieszka Myśliwczyk

About Volue

Volue stands as Europe's premier independent software provider to the energy and grid industry. We deliver cutting-edge solutions that optimize energy production and physical power trading for major European producers, directly accelerating the energy transition and digitalization of critical infrastructure.

Scale & Impact

• 800+ professionals across Europe
• €160M+ forecasted revenue for 2025
• Headquartered in Norway with European operations
• Strategic backing from Advent International, Generation Investment Management, and Arendals Fossekompani (AFK)
  
  

Responsibilities

This is a strategic & hands-on role at the same time! No boredom guaranteed! 👍

We are now seeking an experienced and strategic Chief Information Security Officer (CISO) to lead our information security efforts, ensuring the protection of our systems, services, and customers.

As CISO, you will be the domain expert on cyber security in Volue, responsible for developing, maintaining, and improving our information security management framework. Your work will safeguard our software development, customer-facing systems, and corporate environment. You will collaborate closely with leaders across the organization, external stakeholders, and relevant authorities to ensure compliance and best practices in information security.

What You Will Be Doing To Make a Difference

• Develop, lead, and continuously improve Volue’s Information Security Management System (ISMS) and related documentation.
• Foster a culture of information security awareness across the organisation, including regular communication, training, and guidance for all employees at every level.
• Oversee Volue compliance with applicable security standards, data protection legislation, and industry best practices.
• Collaborate with the CTO to ensure secure software development and customer-facing systems.
• Set requirements for operational IT and physical security in cooperation with the Head of IT Operations & Digitalisation.
• Lead internal and external information security audits, manage follow-up actions, and drive continual improvement.
• Act as Volue’s primary point of contact for all security-related matters, including incident investigation and response, with clear reporting to executive leadership and relevant authorities
• Perform and maintain corporate-level risk analyses and oversee segment-specific assessments.
• Measure and report on the maturity and cyber security posture of the organization.
• Maintain valuable networks with authorities and industry actors
• Provide expert guidance for cyber security in commercial and pre-sales activities.
  
  

Skills & Experience

What We're Looking For Professional Experience

Essential Requirements

• Minimum 5 years of relevant experience from information security related work within the software industry:
• experience in managing projects across teams or departments
• Experience with Information Security standards and regulatory compliance e.g. NIS2, GDPR and DORA:
• good understanding of software development
• understanding of agile practices
• Experience from working in an international company and with English as the main working language:
• experience with Risk Management
• ideally experience in assessing 3rd party and open source components regarding Cyber Security
• Frameworks, vendor risk management and supply chain security
• Ideally experience with guiding, preparing and executing security certifications and attestations like ISO27001 and SOC2
• Experience with incident response leadership
• Experience with management and board level reporting
  
  

Preferred Qualifications

• Third-party and open-source security assessment experience
• Minimum 2 years as CISO in SaaS software companies
• ISO27001 and SOC2 certification guidance experience
• Enterprise SaaS security architecture background
  
  

Educational Foundation

• BSc/MSc in Computer Science or equivalent with software development focus
• Cybersecurity specialization through education or substantial practical experience
• Project Management certification (preferred)
  
  

Personal Skills

• Structured
• Self-starting & self-driven
• Ability to insist where necessary and to compromise where reasonable
• Good interpersonal skills
• Mentorship and team development, including lateral leadership in project structures
• Ability to convince with arguments and to achieve buy-in to changes
• Ability to drive topics forward, if required also against resistance and through escalation levels
• Good verbal and written communications skills in English, including the skill to communicate security topics across different groups, from the board-level to technical development, IT and Operations-teams
• Good crisis communication skills
• Cultural adaptability
  
  

Reasons To Join Volue Team And What We Offer

• Large degree of influence within the role
• Highly engaged colleagues in one of Europe’s only scaled green tech companies, within an innovative and international work environment
• Competitive compensation package
• Flexibility with meaningful autonomy
  
  

Contact

Contact: Agnieszka Myśliwczyk