Polestar
Job title:
Information Security Officer – IAM
Company
Polestar
Job description
The opportunity
The information security team at Polestar provides various services such as risk management, security assessment, threat modeling and management, security advisory and penetration testing, and oversees the security operations (SOC). Additionally, security officers have a rotating on-call duty.
This position is ideally located out of Gothenburg. We believe in a hybrid model when it comes to remote and onsite work, knowing that both in-person collaboration and individual time to focus are needed. What matters most is that people get the time, and support, to do what needs to be done. And to enjoy doing it, of course.
The responsibilities
As InfoSec officer at Polestar, you will focus on designing and enhancing IAM capability. Reporting to the CISO, you track IAM risks, collaborate with stakeholders, and develop IAM policies and processes that meet regulatory and compliance standards. You conduct IAM risk assessments, propose mitigation strategies, and work closely with the IAM and HR teams to ensure secure identity and access posture. Additionally, you develop IAM-related incident response protocols in collaboration with the Security Operations Center (SOC) to effectively address potential security incidents.
- Oversee and govern InfoSec IAM Capability and align with InfoSec Strategy.
- Define and set standards and practices for responsible areas.
- Support Risk Management, Risk Analysis, and stakeholder consultations on IAM risk treatment.
- Formulate tactical goals and translate them into operational plans.
- Contribute to strategic planning and governance decisions.
- Collect, aggregate, and monitor InfoSec IAM risk data.
- Review and align IAM requirements for both Corporate IAM and Customer-facing IAM.
- Regular governance checks and collaboration with the IAM and HR teams are necessary to improve and align with InfoSec standards and requirements such as RBAC and access reviews.
- Identifying IAM shortages and driving projects in collaboration with internal stakeholders.
- IAM policy design and implementation, including cloud IAM (Microsoft Entra, AWS, Azure, GCP).
- Privileged Access Management (PAM, PIM) and IGA platforms.
- Background in adopting industry-standard, enterprise-wide IAM technologies and concepts, aligning with compliance requirements.
- Proficient in the explicit trust model and least-privilege principles.
- Extensive experience in designing RBAC, ABAC, PBAC
- IAM in DevOps environments, lifecycle management, and automation processes.
- Deep understanding of authentication and authorisation protocols.
- Application, systems, and API access management.
- Working experience in directory services, access brokers, DLP and SaaS based identity.
- Background in PKI, certificate management, trust models, certificate-based protocols is a plus
The ideal candidate
We are seeking a dynamic and passionate individual with a proven track record in managing technical priorities. The ideal candidate is patient and open, capable of informing, motivating, and training others on their subject matter. With high energy and a willingness to find innovative solutions using available tools and requirements, this person will thrive in our culture of trust, free thought, and complete transparency.
The successful candidate will possess strong communication skills, enabling them to align the organization on complex technical decisions. They are a connecting thinker, always seeking the best ways of working in an integrated and efficient manner across various responsibilities. Additionally, they will have the ability to generate new solutions and translate effectively between different stakeholders in digital business and Information Security.
In addition, you’ll need the following qualifications/experience:
- University degree in relevant subject area in relation to Information Security or computer science
- More than four years of experience working in digital organizations and Information Security
- History of adapting industry standard enterprise-wide security technologies and concepts to technology and business defined scopes
- Knowledge of relevant industry standards (e.g., NIST 800-53, ISO 27001, ISO 27018, EN 62443)
- Good working experience in control areas of the ISO 27001:2022 and knowledge of relevant industry standards (e.g., NIST 800-53, ISO 27001, ISO 27018, EN 62443 and GDPR).
- Good understanding of the design of a security architecture and the necessary interfaces between the different components and stakeholders
- Having certifications like CIAM, CIMP, CISM, CISA, CRISC, OSCP, CISSP or CCSP is a plus.
Polestar is an international company, with various backgrounds represented. English, therefore, is the language of written and spoken communication. And though we have a global presence, we maintain the growth-mindset. Change happens often at Polestar. But so does progress. Expect an accelerating, exciting environment.
The process
If the above matches your ambitions, be sure to apply. Our selection process is ongoing, and the job advert will remain open until it’s filled.
The Polestar journey is an electric one.
Join a global team dedicated to improving the societies we live in through sustainable, electric mobility.
Location
Göteborg
Job date
Sun, 15 Dec 2024 03:03:40 GMT