Cybersecurity compliance and risk officer

This is us, your new colleagues 

Volvo Group drives prosperity through transport solutions, offering trucks, buses, construction equipment, power solutions for marine and industrial applications, financing and services that increase our customers’ uptime and productivity. Founded in 1927, the Volvo Group is committed to shaping the future landscape of sustainable transport and infrastructure solutions.

We, at Enterprise IT Security, are on a mission to secure the digital journey for the Volvo Group. We work closely together with stakeholders across several Truck Divisions, Business Areas, and Group Functions. With Enterprise IT Security, you will be part of Group Digital & IT (a Group Function). A global and diverse team of highly skilled professionals who work with passion, trust each other, and embrace change to stay ahead. Enterprise IT Security works in close collaboration with several stakeholders throughout the organization and together we strive for a best-in-class cyber security posture.

In this role you will be working closely with different EITS and Digital & IT teams to oversee audit activities, implementation of recommendations, interpret and support implementation of controls and improvement activities on external regulations e.g. NIS2.

This is how you could make an impact

Your main tasks and responsibilities include:

• Coordinate audit findings and improvement activities
• Support in the implementation of external cybersecurity regulations via assessments, analysis, reporting
• Support in the structuring and implementation of information security management systems
• Coordinate development of Corrective Action Plans for audit findings with application team
• Compliance and audit process design and update
• Advice on activities to strengthen control effectiveness

To be successful in this job you need to stay on top of the threat and risk landscape, the regulatory environment, our business strategies, emerging technologies and how new technologies and ways of working alter our risk and control posture.

Who are you?

You are well structured with a drive that makes you complete tasks within given timeframes, and you work well both in a team as well as on your own tasks.  

Mandatory qualifications:

• Genuine interest and proficiency in technology and information/cyber security
• Experience from regulations such as GDPR, NIS2, CRA, DORA
• Knowledge in implementing information security management systems
• Effectively communicator verbally and in writing in national language and English
• Possession of, or willingness to earn, relevant certifications, such as CISA, CISSP, ISO27001 lead auditor/implementor

Experience in one or more of the following areas would be advantageous:

• Experience of security testing, risk management or similar
• ISO27001 and related risk management standards and best practices
• Third party risk management, due diligence and assessments/audits
• Utilizing tools to perform effective control testing and continuous audit

As a member of the team, you shall possess personal attributes to enable acting professionally in accordance with sound principles and be:

• Observant, and actively aware of physical surroundings and activities
• Tenacious, persistent and focused on achieving objectives
• Decisive, and reaches timely conclusions based on logical reasoning and analysis.

Are we the perfect match?

Yes, we are if you want to join the journey of building this new team into a high-performing team that have fun at work while delivering great stuff. You contribute with your personality and experience, and we give you the right context and a great opportunity to grow in a multinational global organization. 

Curious, and have some questions? Call us! 

Contact Andreas Crusell, Head of Compliance and audit, +46 739 027889 or andreas.crusell@volvo.com

Last application date: 2025-10-05