Information Security Manager

Research shows that women and other under-represented groups within our industry hesitate to apply unless they tick most boxes of a role description. At Stegra, we are building an impact company with sustainability at its core. We need a diverse, inclusive, and authentic team to rally behind our purpose of de-carbonizing hard-to-abate industries, starting with steel.So, if you are equally passionate about our purpose yet concerned that your experience doesntperfectlyalign with the qualifications stated in the job advert, we strongly encourage you to apply anyway. You may be just the right candidate, either for this role - or for another upcoming role in ourrapidlygrowingbusiness. About us: Stegra, is on a mission to disrupt the global steel industry by producing green steel, with the end goal of bringing down CO2emissions to zero. By using green hydrogen and fossil-free electricity instead of coal; water and heat will be our primary emissions. By 2030, our ambition is to produce 5 million tonnes of green steel annually in our fully integrated, digitalized, and sustainable plant in Boden, located in northern Sweden - currently in construction phase. But this is just the beginning - our expertise in green hydrogen will enable us to decarbonize other industries in addition to steel, and we look forward to whats next in store for us. We are looking for talented, innovative, and purpose-driven people to join our rapidly growing and diverse team. Our employees get to learn everyday, implement the latest technology and test and put their ideas into practice. Together, we are building an impact company with sustainability at its core - for our people, customers, investors, society, and planet. Information Security Manager As the Information Security Manager you will oversee the implementation of security requirements and capabilities across Stegras digital and operational technology (OT) environments. This includes creating directives, performing threat modeling and risk assessments, defining architectural guidelines, and supporting mitigation efforts. You will also be responsible for building internal security competence through training and leadership, ensuring our teams have the skills needed to maintain robust security measures. In this role, you will work cross-functionally, collaborating with diverse teams across the organization. Key Responsibilities: Leadership & Strategy Align the organizations information security strategy with business goals and evolving risks. Lead efforts to secure digital and OT environments, supporting transformation initiatives. Provide guidance to production and manufacturing teams on information and cyber-related matters. Policy Development & Compliance Develop, update, and enforce security policies, directives, and requirements. Ensure compliance with frameworks such as ISO 27001, NIST, and GDPR. Conduct assessments to verify adherence to policies and regulatory requirements. Maintain internal control over financial processes in line with auditing standards. Risk Management Perform regular risk assessments to identify vulnerabilities and threats. Implement mitigation strategies to address identified risks. Develop and maintain risk management framework Team Leadership & Collaboration Mentor and upskill development and operational teams to build internal security competence. Foster security awareness and best practices across the organization. Collaborate cross-functionally with finance, HR, legal, and digital teams to embed security into all operations. Operations & Reporting Oversee security tools and systems, ensuring readiness to protect, detect and respond to threats. Oversee managed services, e.g. SOC operations Develop dashboards and reporting practices to track key metrics, incident mitigations, and security maturity levels Qualifications:Were looking for someone with: Bachelors degree in computer science, cybersecurity, or a related field; a masters degree is a plus. Certifications such as CISSP, CISM, or CEH are meritorious. Proficiency in security tools, technologies, and frameworks, including cloud, OT, network, and application security. Experience with security automation and architectural guidelines. Strong analytical skills, including the ability to analyze complex systems, identify security risks, and develop effective solutions. Proven leadership experience with a track record of managing teams or/and projects successfully. Excellent cross-functional collaboration and communication skills, ensuring alignment and integration of security measures across the organization. Personal qualities Were looking for someone who takes initiative and drives security efforts that create real impact. A practical, solution-oriented mindset is essential, as youll navigate complex systems and find effective ways to secure both digital and operational environments. Curiosity and a proactive approach will help you stay ahead of emerging security challenges. With a forward-looking perspective, youll play a key role in driving change and strengthening the security culture across the organization. Location: Stockholm, Sweden Applications will be reviewed on the 17th of February,and first after that you can expect an update from us.