Information Risk and Compliance Officer

Job Title: Information Risk and Compliance Officer

Location: Sodertalje, Sweden (Hybrid)

Employment type: Contract

We are seeking a structured and delivery-focused Information Risk and Compliance Officer to support the Information Security Officer and Cybersecurity Manager within Production & Logistics at Scania. This role combines operational cybersecurity support, governance work, and structured documentation activities. The consultant will contribute to strengthening security processes, supporting risk assessments, and ensuring that procedures and documentation are clear, accurate, and aligned with security requirements. The work will be performed in close collaboration with the Senior Cybersecurity Expert and the Area Information Security Officer and requires the ability to work in a structured and proactive manner across multiple stakeholders and functions.

Examples of tasks include

• Support daily operational cybersecurity tasks for the Information Security Officer and Product Cybersecurity Manager
• Assist in performing IRAM assessments and follow-up activities
• Prepare documentation, reports, presentations, and other supporting materials
• Contribute to security governance, processes, and coordination activities
• Rewrite and improve shopfloor IT procedures and guidelines to ensure clarity, accuracy, and compliance
• Collaborate with stakeholders across Production Units (PRUs), P&L IT (IN), Maintenance, and Logistics
• Assist in understanding the implications of the Cyber Resilience Act (CRA) for Production & Logistics

Required Competence

• Experience working with information security, cybersecurity support, risk management, or compliance-related activities
• Experience supporting governance processes, documentation work, or coordination of security-related activities
• Strong documentation and analytical skills and the ability to structure complex information clearly
• Ability to collaborate with both technical and operational stakeholders
• Fluent communication skills in Swedish and English

Meriting Experience

• ISO 27000 certification or experience working with ISO 27001 frameworks
• Knowledge of the Cyber Resilience Act (CRA)
• Experience working with Cybersecurity Management Systems (CSMS)
• Experience from industrial or manufacturing environments
• Experience working with IT/OT environments

Personal Competencies

• Structured and detail-oriented working style
• Strong analytical ability
• Proactive and solution-oriented mindset
• Strong collaboration and communication skills
• Ability to translate complex information into clear documentation
• High quality focus in documentation and governance work