We deliver! PostNord is the leading supplier of communication and logistics solutions to, from and within the Nordic region. We ensure postal service to households and businesses in Sweden and Denmark. With our expertise and strong distribution network, we develop options for tomorrow’s communication, e-commerce, distribution and logistics in the Nordic region. In 2017, the Group had around 31,000 employees and sales of just over SEK 37 billion. The parent company, PostNord AB, is a Swedish public limited company headquartered in Solna, Sweden. Visit us at www.postnord.com
The position as Risk and Compliance Manager for all companies in the Nordic region including Sweden, Norway, Denmark and Finland, is new within Group Function IT. We are searching for a person with the responsibility to formalize risk management and to establish our compliance program in the Nordics. This is a rare opportunity to join a dynamic, international and industry-leading business, with a smart and high-performing team, in a continuously growing technology and service industry that makes a positive difference in the lives of customers across the Nordics every day. In the role as Risk and Compliance Manager we offer you a varied, alternating work with great responsibility in a Nordic organization, adapting to new business models.
The role means that you are the Key Nordic supporter, point of contact and contributor to IT risk and compliance issues. You report to CISO/Head of Information Security and have a dotted line reporting to Enterprise Risk Management. You will work in close cooperation with senior managers, our Data Protection function in all companies as well with our security experts and large, global suppliers.
The Risk and Compliance Manager shall contribute, by expert knowledge within the area of Risk management, to the development of PostNord Information Security and Privacy Framework in order to ensure efficient governance. Also, to coordinate Internal and External Audit activities within IT and, with respect of applicable laws and regulations, support with IT risk assessments.
We are not looking for just a risk and compliance manager; the successful candidate will always play with and for the team. You have a sharp mind and a passion to work close to the business and support with easily accessible practical advice and solutions as well as being a structured thinker. You are service-minded and prone to take initiative and ownership. The successful candidate will likely have a strong academic record and a minimum 3 years of experience from the area of risk management working preferably in the information security function of a company within the IT, telecom or industrial sector.
Your interest in IT and related products as well as the will to contribute to the development of methods and tools in order to cope with future challenges in our area will be a great benefit to us.
Academic degree in information security area or equivalent knowledge and skills acquired through work experience and continuing professional education, supplemented by CRISC, CISA, CISM, CISSP or other certifications.
Solid skills in Risk Management and Information Security is an advantage. Excellent and well-documented information security skills with focus on IT risks. Familiar with standards for information security and risk such as Standard of Good Practice, ISO/IEC 27001, ISO 31000, ITIL and COBIT.