Director of Information Security
Job Title: Director of Information Security
Location: Stockholm, Sweden
Reports to: CTO
You overall responsibility will be to make sure all CLX Communications information assets and services are protected in an adequate manner. The position bears the responsibility for structuring security initiatives aligned with security programs and business objectives across our divisions. Our Enterprise division offers CPaaS services deployed in our data centers and cloud whereas our Operator division license software solutions deployed in a mix of private and public cloud environments. Our IT function supports all employees across divisions.
You will be leading a continuous cycle of analysis, planning and implementation of security improvements with a view to protect corporate, customer and employee data from being compromised. Input to your analysis work will be your personal experience from leading IT and information security improvements, security regulations, security standards, industry security news, customer requirements and internal product and service development initiatives.
You will be presenting proposed improvements, implementation status and plans to the Executive team and from time to time to senior management with customers and suppliers. You will be working directly with security practitioners in our Product Management, Operations, Engineering and IT teams to implement and verify agreed security policies and improvements. You will also be providing input and guidance into product development projects when it comes to security requirements and best practices.
We are looking for an individual that enjoy switching between strategic security roadmap work and engaging with software engineers and IT Operations teams to support them as they build security into our products, infrastructure and business models.
CLX Communications has operations in most regions of the world, as such the role include some travelling from time to time. Fluency in written and spoken English is assumed.
Tasks and Responsibilities
- Define and drive our overall security strategy for our administrative IT functions, production CPaaS infrastructure and Mobile Operator software offerings
- Develop security KPIs that will help us to continuously improve our security effectiveness
- Lead security risk assessment, risk classification and risk control identification work
- Lead and coordinate development of internal security policies, controls and procedures
- Ensure compliance is maintained against company security standards, industry standards and relevant regulations
- Participate in Business Continuity Planning, implementation and auditing as it relates to information security
- Keep management apprised of security progress, risks, corrective actions and recommended changes to execution tactics
- Provide security training to internal teams
- Represent the company in security related presentations made to external parties
- Maintain a current understanding of IT/IS threats for the industry
- Lead Root Cause Analysis work security incidents, develop short term responses and long term mitigations
- Perceived as a senior leader in the security area across internal and external stakeholders
- Technical depth to quickly understand large scale software and infrastructure deployments
- Engage naturally with engineers and managers to truly understand security challenges and options
- Ability to write concise guidelines and policies and documentation
- Ability to engage effectively with C level stakeholders to drive change across various business functions
- Excellent communication skills in English – both verbal, presentation and written
- Able to work independently and drive progress by coordinating resources across teams
- Independent thinker combined with integrity to challenge mainstream and default solutions
- Demonstrates ownership and accountability, takes actions to solve challenges and issues
- Exam in Software Engineering, Computer Science, Information Systems or equivalent background
- At least 10 years’ experience from leading roles in information security disciplines
- In depth knowledge about security standards and regulations
- Best practices in web and cloud security
- Solid understanding in Operating system and IP networking level security principles and practices
- Working understanding of large scale transactional systems design, software and infrastructure
- Project management skills to organize and drive cross functional initiatives