Manager of Information Security IT & IS · Stockholm

Imagine that you could be a part of making future retail safer, easier, and more fun. At Extenda Retail, we are a dream team of different experts that creates frictionless, game-changing software for major retail and supply chains around the globe. Join a workplace where hobbies, passions and careers come together when we innovate tomorrow’s retail experience.

Are you dreaming about becoming a CISO and want to accelerate your path there?

As our Manager of Information Security you will be on a clear path to becoming a seasoned CISO. You will be charged with operationalising and implementing the Information Security Policy which outlines our high level ambitions in Info- and Cyber Security. We offer you exposure to a progressive multi-cloud SaaS company that takes security seriously and you will have the opportunity to influence services used by some of the largest retailers in the world.

About the role

You will:

• Be the “Trusted Advisor” and subject matter expert on Info- & Cyber Security. With a cross-functional mandate, you will collaborate with key stakeholders across the organization
• Operationalise and implement the Extenda Retail Group Information Security Policy, Security Objectives and the ISMS
• Lead the work to secure the Extenda Retail corporate infrastructure and implement third party controls, awareness training, risk assessments etc.
• Engage with our product organization on product security matters; gain exposure to our cutting edge Hii Retail platform built in Google cloud as well as the more traditional client-server products with large on-prem installations etc.
• Host regular company wide updates on matter relating to security
• Engage with our MSSP to ensure high quality output
• Engage with our Client Success organization to assist in security audits, product security and solution security
• Engage with, and influence our Security Operations
• Be the guardian of our ISO27001 certification
• Monitoring of the external threat landscape

How will your first 3-6 months look like?

Build a solid understanding of our existing security posture and activities. Mobilize your virtual team consisting of stakeholders across the organization to help deliver first of class security practices.

Review and mature the ISMS, existing policy and procedures to ensure they are aligned with your ambitions.

Prepare for our ISO27001:2022 maintenance audit and start building our security objectives and plans for 2025.

Getting an idea of our current tech stack

You will have the opportunity to work with a wide range of vendors. As a heavy adopter of cloud we have solutions in both Azure, GCP and AWS. In our corporate tech stack you will also find workspace, MS SQL/SSIS/Power BI, Salesforce CRM (sales cloud, experience coud, pardot etc.), Dynamics Business Central, Atlassian suite (Jira/Confluence), Slack etc. Our Hii Retail product is built in native Google Cloud.

Who you are / Who we are looking for

You are an experienced technologist and communicator who has extensive experience of Information Security practices. You have experience of managing and improving an ISO27001 based ISMS. You are comfortable addressing large audiences and you know what it takes to train and coach others. You are also experienced in conducting and coordinating security audits and risk assessments.

We’d love for you to have a passion for security and privacy and are seriously concerned over how data of organizations and individuals can be protected in the increasingly digital and AI-driven world. Ideally you also have an InfoSec certification (e.g. CISSP) already, but if you don’t, we will support you in gaining the relevant training!

You are a mature and confident leader with a passion for “doing the right thing”, balancing risk with business objectives.

We look forward to having you on board!