IT Security & Risk Officer Cybersecurity Governance & ISMS
About this role
We are looking for a structured and experienced IT Security & Risk Officer in Gothenburg to support cybersecurity governance activities within a mature ISO 27001 certified environment.
You will play a key role in coordinating and maintaining Information Security Management System (ISMS) activities, supporting compliance initiatives, and planning both internal and external security audits.
This assignment is ideal for a consultant with strong organizational skills, experience in security compliance, and the ability to work closely with multiple stakeholders in an international environment.
š Location: Gothenburg, Sweden
š£ Language: English
š Experience Level: Junior to Mid-Level (3ā6 years)
Your Responsibilities
Coordinate and maintain ISMS documentation, activities, and follow-up actions
Plan and coordinate internal ISO 27001 audits and external certification audits
Support cybersecurity governance and compliance initiatives
Perform gap analyses and contribute to continuous improvement activities
Support risk management activities and threat analysis (TARA)
Ensure alignment with security frameworks and regulations including:
ISO 27001
NIS2
UNECE R155 / R156
Collaborate with cross-functional teams in an agile environment
Support security reporting, planning, and follow-up activities
Required Skills & Experience
3ā6+ years of experience within:
IT Security
Governance, Risk & Compliance (GRC)
Security Compliance
Hands-on experience working with ISMS in an ISO-certified environment
Experience coordinating internal and external security audits
Strong organizational, communication, and coordination skills
Good understanding of:
Risk management
Threat analysis
TARA methodologies
Professional proficiency in English (spoken and written)