Arbetsbeskrivning

Want to shape the entire information security landscape behind one of the Nordics’ most well-known e-commerce marketplaces?

At CDON Group, security is a strategic foundation for our growth, data-driven operations, and future innovation. We’re now strengthening our security capabilities and are looking for an Information Security Specialist who wants to take ownership, drive development, and ensure that security is embedded across our products, platforms, and teams.

About us

Join us at CDON Group, a Swedish listed company with a long history and extensive experience in the e-commerce market. Our mission is to unleash the power of the marketplace to give the best shopping experience in the Nordics.

We are dedicated to providing great online shopping experiences and are on the lookout for an Information Security Specialist to join us on this journey for our two Nordic marketplaces: CDON and Fyndiq.

About the role

This role combines hands-on security work with broader ownership of how we structure, govern, and communicate information security across the company. You will sit within IT but collaborate closely with Legal, Finance etc, as many topics touch on compliance, GDPR, NIS2, the AI Act, and regulatory inquiries.

At the same time, we are navigating a unique balance. We are pragmatic, entrepreneurial, and fast-moving, yet also a publicly listed company with expectations on governance, compliance, and structure. This creates an environment where you will help build processes that do not fully exist today, while still working close to the business and making real impact quickly.

Some areas of focus include:

• Helping build security processes and routines, both maintenance and from the ground up

• Supporting the entire organization with practical, understandable security guidance

• Working with both technical and non-technical stakeholders

• Helping raise security maturity while keeping the business moving forward

Responsibilities include

You will have both structured responsibilities and day-to-day practical tasks.

Key areas include:

• Developing and maintaining information security policies, governance, and documentation

• Driving risk management activities across systems, suppliers, processes, and new initiatives

• Ensuring alignment with frameworks such as ISO 27001, NIS2, and GDPR

• Collaborating closely with Legal on data protection, AI governance, and regulatory communication

• Supporting IT, infrastructure, and engineering teams with operational security tasks

You will also work hands-on with:

• Google SecOps and our existing tooling

• Vulnerability management

• Access and identity management

• Coordinating external penetration tests and understanding results

• Leading internal training, awareness efforts, and phishing exercises

Part of the role also involves presenting findings and explaining why security requirements exist — not just what they are — in ways that engage and motivate colleagues across the business.

Qualifications and requirements

We are looking for someone who can understand, interpret, and communicate both technical and regulatory requirements.

Relevant experience and traits include:

• A couple of years in information security, IT security, or data protection

• Relevant degree for the role

• Understanding of GDPR, NIS2, and IT risk work

• Strong communication and presentation skills

• The ability to learn and work with security tools such as Google SecOps

• Full professional proficiency in Swedish and English

• Pragmatic mindset and the ability to balance speed with governance

• Ability to work regularly from Stockholm to collaborate effectively with Legal and support incident handling

Some tasks require hands-on IT security understanding, but you do not need to be a programmer. Support is available from backend teams for highly technical areas.

What we offer

• An opportunity to be part of a unique growth journey, actively contributing to the success of the leading e-commerce marketplaces in the Nordics.

• A collaborative and dynamic work environment, with passionate colleagues who believe in CDON Group’s mission

• Competitive compensation package, including benefits such as pension and insurance through Max Matthiessen and MyBenefit portal.

• Career growth opportunities within a rapidly evolving company.

Application Process:

Please attach your resume and a brief cover letter outlining your interest and suitability for the job. We will be conducting interviews with candidates on an ongoing basis.

To ensure a professional and unbiased assessment, we will ask candidates to perform a combination of logical reasoning and personality tests as part of the process.