Security Governance, Risk and Compliance (GRC) Specialist
Would you grab an opportunity to provide state-of-the-art security solutions within a rapidly growing organization providing bleeding-edge technology solutions to the world?
Would you grab an opportunity to provide state-of-the-art security solutions within a rapidly growing organization providing bleeding-edge technology solutions to the world? Want to help save millions of lives by making safe and intelligent mobility real for everyone, everywhere? Excited about working with challenges that push you to learn, contribute your best, and have purpose driven impact on an everyday basis? Do you love working with brilliant peers with unparalleled expertise in various areas of security? …then Zenseact is the place for you!
Insights from the team
Enterprise and Product Security (“Security”) is an important part of Zenseact´s overall business and product strategy. Security team at Zenseact is a part of Data, Security and Digital. We support and lead the organization in any matters related to security for both Enterprise and the Product.
As a Governance, Risk and Compliance specialist you will be a vital part of Zenseact Security team and support in providing Information & Cybersecurity solutions for Zenseact's global operations. We want to get to Zero accidents faster and to make this possible Security plays an important part. As a part of the Security team you get to work on a daily basis with disruptive technologies and new types of challenges within the field of security. The Security team consists of people with different roles, and we work together as a highly integrated team, and support each other. We are looking for a self-driven person who is an excellent team player, to join our team!
Your role in a snapshot
As Security GRC Specialist your role will be to:
- Drive improvement to security levels through the identification of risks and implementation of mitigating strategies
- Maintain current view of threat landscape. Translate that knowledge to threat modelling, identification of risks and actionable plans to protect the business;
- Develop and maintain security policy/guidelines in line with standards such as the ISO27001, NIST 800-53 and CIS Framework.
- Maintain the Information security risk assessment framework, and risk register, in line with standards such as ISO27001 and CIS Framework.
- Maintain a Security overview, recommending actions arising from the output.
- Participate in a wider security awareness program, creating ideas and content, and providing orientation, educational programs, and on-going communication as required.
- Support the Head of Enterprise & Product Security in discharging security accountabilities, working across a myriad of information and cyber security related topics.
- Schedule periodic security audits for various security controls as identified by the GRC framework
- Develop and maintain a Security framework that integrates with other frameworks (e.g. Safety, Quality) as a part of Zenseact Operating Framework.
- Develop, maintain and manage an Information Security Management System inline with ISO 27001
- Develop a Zenseact GRC framework which maintains leadingpractices view point and controls requirements.
Qualifications
To be successful in this role you must have the below qualifications Minimum 4-5 years of experience from Cyber Security, with atleast 2-3 years of experience in the GRC area and/or information security in general
- In depth knowledge of Security leading practices /standards including but not limited to ISO27001, NIST 800-53, ISO 21434 etc.
- Have an understanding of security basics, ability to understand, decipher and connect dots between complex security issues.
- Experience in developing information security policies, standards, and processes /procedures
- Ability to drive, prioritize, and monitor security programs as per agreed timelines
- Excellent analytical and problem-solving skills:
- Enthusiastic, results oriented and has strategic outlook for Security
- Good communication skills and ability to lead change
- Excellent teamwork skills:
- Quick learner and able to apply past and current learnings to various Security challenges on a daily basis
- Enjoy working in an international organization with people from different cultures
- Share our Zenseact values; I dare to, I am curious, I engage, I trust and I share…with the highest integrity
In addition these qualities are good to have and will contribute well to your success:
- Experience in Vehicle Manufacturing industry within Sweden or in any other country
- Knowledge /Experience with Product Cybersecurity compliance landscape (UNECE Reg. 155, ISO 21434)
- Security certifications such as CISSP, ISO 27001 LI/LA, CISM, CISA etc.
- Experience in working with a team with diverse areas of expertise, skills, and cultural backgrounds.
How do we work?
Flexible-remote way of working: Zenseact has a flexible and modern approach, thus is happy to offer to its employees the possibility for a combination of work at the office and from home. This doesn't include fully remote work from outside Sweden/China.
More about Zenseact
Zenseact’s purpose is to make safe and intelligent mobility real, for everyone, everywhere. We develop the complete software stack for ADAS and AD, from sensing to actuation. Our focus is to build a single cutting-edge software platform in order to serve various levels of autonomy and offer unequaled scalability at the same time. We operate out of Gothenburg, Sweden and Shanghai, China. Zenseact’s first self-driving deployment will be launched on the next-generation vehicle platform from Volvo Cars.
Self-driving cars, when real, is estimated to reduce fatal car accidents with more than 85%, saving more than 50,000 persons from dying in car accidents caused by human errors each year. We feel that is a goal worth pursuing.
But technology, software, tools and datasets would not mean much without the best people behind the wheel to drive them. At Zenseact, some five hundred of the best engineering minds globally, stationed across two continents, are collaborating with the same passion: to bring autonomous driving to the streets for real and create a safer journey for everyone. This is part of our culture and how we work, develop and grow together.
Zenseact works proactively to create a culture of diversity and inclusion, where individual differences are appreciated and respected. To drive innovation we see diversity as an asset, which means we value and respect differences in gender, race, ethnicity, religion or other belief, disability, sexual orientation or age etc.
Interviews are held on a continuous basis, so we highly recommend that you submit your application at your earliest convenience.
- Department
- Engineering Roles
- Locations
- Gothenburg, Sweden
- Remote status
- Hybrid Remote
Gothenburg, Sweden
Making safe and intelligent mobility real.
At Zenseact, we lead the global movement of crafting tomorrow's mobility with the software platform of choice. Our mission is to “Make safe and intelligent mobility real, for everyone, everywhere”. This statement marks our conviction and dedication to bring autonomous driving out on the streets for real and is at the center of everything we do.
We could not dream of achieving this without our great teams of very talented people. We are on this journey together and our agile way of working is reflected throughout our entire organization; it is part of our culture and how we work, develop and grow together.
About Zenseact Sweden
Zenseact develops the complete software stack for ADAS and AD, from sensing to actuation. Zenseact’s focus is to build a single cutting-edge software platform in order to serve various levels of autonomy and offer unequaled scalability at the same time. We operate in Sweden and China.