Job Description
Veritaz is a leading IT staffing solutions provider in Sweden, committed to advancing individual careers and aiding employers in securing the perfect talent fit.
With a proven track record of successful partnerships with top companies, we have rapidly grown our presence in the USA, Europe, and Sweden as a dependable and trusted resource within the IT industry.
Assignment Description:
We are looking for a Senior IT Governance Specialist to join our dynamic team.
What you will work on:
- Lead and support global IT security governance and compliance initiatives, with emphasis on US regulatory requirements.
- Oversee adherence to GDPR, ISO 27001, SOC 2, CCPA, HIPAA, and related security frameworks.
- Conduct audits and risk assessments, including internal/external audits, customer assessments, and remediation follow-up.
- Manage and improve network and endpoint security processes, including firewalls, patch management, and vulnerability scanning.
- Drive Identity & Access Management activities, including AD/Azure AD, MFA, RBAC, and access reviews.
- Handle incident response activities such as investigation, containment, documentation, and post-incident improvement.
- Lead security awareness initiatives, including phishing simulations, training, and global education programs.
- Serve as a security liaison across IT, DevOps, HR, Finance, and senior leadership.
What you bring:
- Strong background in IT security governance and compliance frameworks (GDPR, ISO 27001, SOC 2, CCPA, HIPAA, or similar).
- Practical experience with Microsoft Defender, Intune, and M365 Security Center (Sentinel/SIEM is a plus).
- Experience conducting audits, risk assessments, and remediation planning.
- Solid understanding of network and endpoint security best practices.
- Strong Identity & Access Management expertise with AD, Azure AD, MFA, and RBAC.
- Hands-on experience with incident response and related processes.
- Experience delivering global security awareness and training activities.
- Excellent communication and stakeholder management skills.
- Ability to work independently in a global environment and fully align with EST/GMT-5 working hours.
- Security certifications such as CISSP, CISM, or ISO 27001 Lead Auditor (a plus).
- Experience with DevSecOps or secure SDLC (a plus).
- Experience working in international organisations (a plus).