Veritaz is a leading IT staffing solutions provider in Sweden, committed to advancing individual careers and aiding employers in securing the perfect talent fit. With a proven track record of successful partnerships with top companies, we have rapidly grown our presence in the USA, Europe, and Sweden as a dependable and trusted resource within the IT industry.

Assignment Description:

We are looking for a Senior Cybersecurity Risk & Quality Assurance Manager to join our dynamic team.

What You’ll Do:

• Integrate cybersecurity risk management into the Enterprise Risk Management (ERM) framework, ensuring that all risks are identified, assessed, and effectively mitigated.
• Oversee and maintain the Security Control Framework aligned with industry standards such as NIST CSF and CIS Controls, ensuring comprehensive risk coverage and strong security controls.
• Manage the Threat Catalogue, regularly updating it to address emerging threats and shaping corresponding mitigation strategies.
• Define and drive a comprehensive cybersecurity quality assurance program, including penetration testing, red team exercises, vulnerability scanning, and control testing.
• Lead a continuous improvement program to adapt and enhance cybersecurity controls based on emerging threats, audit findings, and business needs.
• Ensure regulatory compliance by managing cybersecurity practices in alignment with applicable regulations and supporting regulatory audits and reporting.
• Develop and maintain cybersecurity reporting, including KPIs, KRIs, and maturity assessments, to measure the effectiveness of the security program and support decision-making processes.

What You Bring:

• 5+ years of experience in cybersecurity risk management, security control frameworks, and quality assurance.
• Expertise in security frameworks such as NIST CSF and CIS Controls, with hands-on experience in internal control testing, audits, and vulnerability assessments.
• Proven ability to drive continuous improvement programs and ensure the operational effectiveness of cybersecurity controls.
• Relevant certifications such as CISSP, CISM, or CRISC.
• Fluency in both Swedish and English.
• Familiarity with hybrid environments (on-premise and cloud) and experience with Lean-Agile or DevSecOps methodologies.