Arbetsbeskrivning

At Securitas, Digital Security (Cyber Security) is focused on protecting our systems, applications, data, and services while enabling secure and reliable business operations.

All countries within our scope are either certified against ISO/IEC 27001 or actively implementing it, ensuring a consistent and structured approach to information security management across the organisation.

Your Role – Cluster Digital Security Officer (Cluster North)

As a Cluster Digital Security Officer, you will support the technical execution, coordination, and oversight of Digital Security across Cluster North (Sweden, Norway, Finland, Denmark, the UK, and Ireland), while also contributing to Group/ Division-level security priorities.

This is a hands-on, operational role, delivered as part of a wider Digital Security organization. You will work closely with different Division/Group IT teams, Digital Security Operations, Digital Security, and Country IT teams, operating in a collaborative, multi-country and multi-layer (Cluster–Division–Group) environment.

Key Responsibilities

Security Coordination & Team Collaboration (Cluster & Division)

• Coordinate Digital Security activities across the Cluster and support execution of the security roadmap aligned with Division priorities, including application security initiatives

• Ensure consistent implementation of security controls, baselines, and services across infrastructure and applications

• Work closely with GITS, Application teams, Domain and other IT teams to ensure alignment and effective execution

• Contribute actively to the Digital Security community, including sharing practices related to application and platform security

• Provide regular, transparent, and data-driven reporting on risk posture, control effectiveness, and remediation progress

Technical Security Oversight (Infrastructure & Applications)

• Monitor and assess the security posture of platforms, infrastructure, and applications (on-prem and cloud)

• Oversee key control areas including vulnerability management, patching, identity and access management, endpoint security, and application security

• Support secure practices across the application lifecycle (SDLC), including awareness of secure design and common vulnerabilities (e.g. OWASP Top 10)

• Ensure effective logging, monitoring, and incident detection capabilities are in place across infrastructure and applications

• Track and assess third-party and supplier risks, including risks related to applications and integrations

Risk, Compliance & Assurance

• Identify and track gaps against security policies, standards, and mandates, including application security requirements

• Support/execute risk assessments, internal and external audits, and customer assurance activities across Cluster environments

• Drive and follow up on risk remediation plans, ensuring clear ownership and execution across technical teams

Securitas Alarm Monitoring Centers (SOC) Security

In addition to Cluster responsibilities, you will contribute to Division-level security of Securitas Alarm Monitoring Centers (SOCs) supporting the Domain Digital Security Officer SOC and RVS, which are among the most critical environments within Securitas.

This includes:

• Supporting and overseeing the security posture of SOC environments, including underlying infrastructure and supporting applications

• Ensuring implementation of enhanced technical controls (e.g. network segmentation, strong access control, privileged access management, monitoring, and secure application access)

• Monitoring the availability, integrity, and protection of SOC systems, applications, and data flows

• Supporting incident detection, response readiness, and recovery capabilities for SOC-related platforms and applications

• Working closely with Infrastructure, Application, SOC and other IT teams to reduce attack surface and strengthen resilience of SOC environments

Ideal Candidate Profile

We are looking for a candidate who combines technical understanding across infrastructure and applications, structured execution, and strong collaboration skills.

Certifications (mandatory)

• CISSP or CISM or equivalent

Experience & Knowledge

• 5–7 years of experience in Cyber Security, Information Security or Application Security

• Minimum of 2 years of experience in IT operations

• Good understanding of security domains (IAM, endpoint security, vulnerability management, logging/monitoring, network security, and application security)

• Solid understanding of application security principles, including secure development practices, common vulnerabilities (e.g. OWASP Top 10), and risks in application architecture and integrations

• Good understanding of ISO 27001 standard

• Experience with risk management, audits, or compliance activities

• Understanding of infrastructure environments (networks, servers, cloud platforms) and their interaction with applications

Technical & Analytical Skills

• Ability to assess security posture across infrastructure and applications and identify control gaps

• Comfortable working with security metrics, reports, and risk data

• Understanding of incident detection and response processes, including those impacting applications

• Ability to translate security requirements into practical and implementable actions across infrastructure and application teams