
IST Group AB · Stockholm
Do you want to help shape information security across one of Scandinavia's leading EdTech companies? At IST, we develop digital solutions that support education...
Do you want to help shape information security across one of Scandinavia's leading EdTech companies?
At IST, we develop digital solutions that support education and learning for millions of users across Scandinavia. As Information Security Manager, you will play a key role in protecting our information assets, driving compliance initiatives, and strengthening our security culture across the entire IST Group.
While the role has a strong focus on our Danish operations and product portfolio, you will work on a Group level, collaborating with colleagues and stakeholders across multiple countries and business areas.
This is an opportunity for someone who wants to combine strategic security leadership with hands-on security governance in a company with a meaningful societal mission. The role serves as an important bridge between customers, operations, development, and management when security-related issues occur.
About the role
As Information Security Manager, you will be responsible for developing, implementing, and maintaining IST's information security framework. You will work closely with product and development departments, customers, auditors, and external stakeholders to ensure that security is embedded throughout the business.
You will act as a trusted advisor on information security matters, supporting both operational and strategic initiatives while continuously improving our security posture.
Develop and maintain information security policies, standards, and procedures across the Group.
Lead and coordinate information security governance activities.
Drive compliance with relevant regulations and frameworks, including GDPR, NIS2, ISO 27001, ISAE 3000, and related requirements.
Manage and coordinate security incidents, investigations, and corrective actions.
Conduct risk assessments and support enterprise risk management activities.
Collaborate with product development teams to embed privacy and security by design.
Support audits, security reviews, and due diligence processes.
Manage and maintain data processing agreements and security-related documentation.
Drive security awareness initiatives and promote a strong security culture throughout the organization.
Prepare reports and security metrics for management and key stakeholders.
Your profile
We believe you have the following competence profile to succeed in this role:
A Bachelor’s degree within Information Security, Computer Science, IT, Law, Business, or a related field.
Experience working with information security, cybersecurity, risk management and/or compliance.
Experience with GDPR and information security governance, ISO 27001, NIS2, ISAE 3000, SOC reporting, or similar frameworks.
Experience supporting audits, inspections, or compliance reviews.
The ability to communicate complex security topics to both technical and non-technical audiences.
Strong stakeholder management and collaboration skills.
A proactive, self-driven, and structured working style.
Relevant certifications such as ISO 27001, CISSP, CISM, CRISC, or similar are considered an advantage.
Why join IST?
At IST, you will become part of a company that has been developing digital solutions for the education sector for more than 40 years. We are approximately 400 employees across several countries, united by the ambition to create better opportunities for learning and education.
A meaningful role with significant influence on the Group's security agenda.
The opportunity to work across multiple countries, products, and business areas.
A collaborative and supportive international environment.
Professional and personal development opportunities.
A strong culture characterized by trust, openness, and teamwork.
This is a full-time, permanent position. At IST, we apply an office-first policy, meaning we primarily work from the office as we believe physical presence fosters collaboration, innovation, and a strong team spirit. At the same time, we understand the importance of flexibility—if you live farther away, working from the office three days a week with the remaining time remote may be possible. In Scandinavia our offices are located in Stockholm, Växjö, Roskilde and Oslo.
Apply
Applications are reviewed continuously. For questions, contact Nanna Holm Thyboe, +45 20 72 60 34 or email: nanna.thyboe@ist.com
For questions about the recruitment process, contact hr@ist.com
Please note! Background check is part of the recruitment process.
Welcome to apply!
TL;DR We are democratizing software creation for 99% of the world. We need a GRC Manager who doesn't just manage risk, but builds the infrastructure of trust that allows us to move at terminal velocity. Why Lovable? Lovable lets anyone and everyone build software with any language. From solopreneurs to Fortune 100 teams, millions of people use Lovable to transform raw ideas into real products - fast. We are at the forefront of a foundational shift in software creation, which means you have an unprecedented opportunity to change the way the digital world works. Over 2 million people in 200+ countries already use Lovable to launch businesses, automate work, and bring their ideas to life. And we're just getting started. We're a small, talent-dense team building a generation-defining company from Stockholm. We value extreme ownership, high velocity, and low-ego collaboration. We seek out people who care deeply, ship fast, and are eager to make a dent in the world. What We're Looking For A strategic operator who views compliance as a competitive advantage, not a checklist Experience scaling GRC in a technical environment where 'move fast' is the default setting The ability to coordinate complex projects involving 10+ stakeholders across diverse functions A communicator who can translate technical risk to finance and legal risk to engineering Someone who is excited by the challenge of defining compliance for the AI era Pragmatism over bureaucracy. What You'll Do In one sentence: You will be the architect of our operational integrity, ensuring our mission to empower creators is built on a foundation of global trust. Own the end-to-end strategy for certifications and technology compliance, ensuring we lead the industry in standards Partner with the Agent and Platform teams to bake compliance directly into our product offering Lead our evolution toward a 'public-ready' company, setting the standard for transparency in AI Build and manage cross-functional workflows that align HR, Finance, Legal, and Engineering under a unified risk framework Eliminate operational friction by automating compliance checks and evidentiary gathering Act as the primary interface between technical reality and regulatory expectations About Your Application Please submit your application in English. It's our company language, so you'll be speaking lots of it if you join. We treat all candidates equally - if you're interested, please apply through our careers portal.
Job Title: Cyber Security Tester TRATON is a group of strong brands with a shared mission: transforming transportation together to create the future of sustainable transport solutions. Within TRATON, we include MAN, Scania, Volkswagen Truck & Bus, and International. As part of a global team of industry experts, you get to think bigger, experience more, and reach further. Together, we have the power to transform transportation - Let´s make a difference together. Find out more: www.traton.com Our values – customer first, respect, team spirit, responsibility, and elimination of waste – are at the heart of everything we do. Role Summary This role is a part of TRATON Group R&D, located in Södertälje, Sweden Join our Infotainment and Driver Display Testing Team and play a key role in ensuring the cyber security and quality of next-generation Digital Dashboard solutions within the TRATON Group. As a Cyber Security Test Engineer, you will be responsible for planning, designing, executing, and driving cyber security testing activities across infotainment and driver display systems. Working in a global and multicultural environment, you will collaborate closely with System Test, Function Test, Vehicle Test, and HIL teams to identify security risks, verify compliance with cyber security requirements, and contribute to the delivery of safe and reliable digital products. Job Responsibilities Plan, coordinate, and drive cyber security testing activities for Digital Dashboard systems. Analyze cyber security requirements and translate them into effective test scenarios and test cases. Design, develop, and maintain automated test scripts to support efficient and scalable testing. Execute cyber security tests, including vulnerability assessments, penetration testing, fuzz testing, and security validation activities. Investigate, analyze, and troubleshoot security-related issues and defects. Evaluate test results, identify potential security risks, and provide clear reporting to stakeholders. Collaborate with global System Test and HIL teams to ensure alignment on testing strategies and quality objectives. Support continuous improvement of cyber security testing processes, methodologies, and tools. Contribute to ensuring compliance with automotive cyber security standards and best practices. Who You Are You have proven experience in cyber security testing, preferably within embedded systems or the automotive industry. You possess a strong understanding of security testing techniques, including penetration testing, fuzz testing, vulnerability scanning, and threat analysis. You have solid programming skills in one or more languages such as Python, C++, or C#. You are familiar with automotive communication protocols, particularly CAN. You have a good understanding of software testing methodologies, test levels, and quality assurance practices. You are analytical, detail-oriented, and have strong troubleshooting and problem-solving skills. You are comfortable working in international and cross-functional teams. You communicate effectively and can clearly present technical findings to different stakeholders. You are self-driven, well-organized, and motivated to take ownership of your work. You are fluent in English, both written and spoken. We welcome applicants from all backgrounds – your unique experience and perspectives is valuable to us. This Is Us Our team focuses on testing advanced Digital Dashboard solutions, ensuring high quality, reliability, and cyber security across infotainment and driver display functions. We are a diverse, collaborative, and multicultural organization consisting of System Test, Vehicle Test, and Function Test teams located across different TRATON sites worldwide. Within TRATON Group R&D, you are an important part of something bigger. Joining us means gaining access to the ins and outs of the entire transportation industry. TRATON Offers We offer a dynamic and engaging workplace where collaboration, innovation, and continuous improvement are part of everyday life. You will be part of a strong team environment that encourages knowledge sharing and close cooperation across functions. With a structured development plan and a wide range of training opportunities, TRATON Group R&D supports your professional growth both locally and internationally. Benefits include access to our health center in Gröndal or a wellness allowance, bonus, flexible working hours, and company car leasing. We also arrange events for employees and their families, and for those living in Stockholm, convenient commuting is supported through direct Scania Job express buses to Södertälje. We Offers We offer a dynamic, flexible workplace with hybrid work options, including Scania Sergel and Midway hubs. With a structured development plan and courses, TRATON Group R&D supports your career growth both locally and internationally. Benefits include wellness allowance, bonus, flexible hours, and company car leasing. We also host events for employees and their families, and Stockholm residents enjoy direct access to Södertälje via Scania Job express buses for an easy commute to Södertälje. Application We look forward to receiving your application, consisting of your CV and kindly ask you not to share a cover letter to ensure an efficient and unbiased recruitment process for all parties. Apply as soon as possible, no later than 2026-08-31. Screening will take place on an ongoing basis during the application period. Logical and personality tests may be used as part of the selection process, and a background check may be required for this role. If you have questions or would like more information, please contact: Nuno Marques, Recruting Manager, nuno.marques@scania.com We look forward to your application! This recruitment process is handled by Scania for TRATON Group R&D
Om uppdraget Vi söker för kunds räkning en senior IT-säkerhetsexpert som ska stödja ett projektteam bestående av projektledare, kravställare, IT och upphandlingsfunktion i upphandlingen av en realtidsstödd integrationsplattform där ett tillgångsförvaltningssystem (AIM), ett underhållssystem (CMMS) och ett dokumenthanteringssystem ingår. Uppdraget utgår från att informationssäkerhet, interoperabilitet och datastyrning ska hanteras som en sammanhållen förmåga – inte som separata delar. Du blir en nyckelperson i att säkerställa att de system som upphandlas inte begränsar verksamhetens möjligheter till integration, datadelning och vidareutveckling, utan istället utgör en stabil och säker grund för framtida digitala arbetssätt. Bakgrund VA-avdelningen genomför en upphandling av ett tillgångsförvaltningssystem (AIM), ett underhållssystem (CMMS) och ett dokumenthanteringssystem byggt på en framtidssäkrad integrationsmotor. Systemen kommer att hantera verksamhetskritisk information och ställer höga krav på informations- och IT-säkerhet i relation till systemens interoperabilitet och informationsflöden. Vad du kommer att göra • Ge stöd i informationssäkerhetsanalys (ISA) och omsättning till konkreta krav • Ta fram och kvalitetssäkra säkerhetskrav i upphandlingen • Stödja formulering av krav i förfrågningsunderlag och avtal • Ge rådgivning kring säkerhet i integrationer och leverantörsled • Stödja utvärdering av anbud ur ett säkerhetsperspektiv Du bidrar till en samlad kravbild som säkerställer bland annat: • Att system och integrationer är interoperabla och kan utbyta data standardiserat och säkert • Att data kan användas över systemgränser utan manuella steg • Att arkitekturen stödjer realtidsdata och kontinuerliga dataflöden • Att lösningen är framtidssäker avseende analys, automatisering och kommande lagkrav • Att säkerhetskrav utformas för att möjliggöra – inte hindra – säker interoperabilitet • Arkitekturprinciper för segmentering, zonindelning och kontrollerade dataflöden mellan IT och OT, i linje med standarder som IEC 62443 • Krav på informationsägarskap, datastyrning och spårbarhet • Säkerhet i hela leverantörskedjan, inklusive tredjepartsintegrationer och underleverantörer • Att krav kan verifieras, följas upp och revideras över tid Leveranser • Analys och rekommendationer kring hur säkerhet, integrationsarkitektur och datamodell samverkar • Förslag till säkerhetskrav i upphandlingsdokument • Underlag till avtalsvillkor avseende informations- och IT-säkerhet • Bedömningsstöd vid anbudsutvärdering • Rekommendationer kring uppföljning av säkerhetskrav Vem vi söker Obligatoriska kvalifikationer: • Erfarenhet av informationssäkerhet i offentlig verksamhet • Erfarenhet av integrationsarkitektur, API-strategier och interoperabilitet i komplexa IT/OT-miljöer • Kunskap om datamodeller och informationsstrukturer kopplade till verksamhetssystem • Erfarenhet av säker datadelning i system med realtidsintegrationer • Erfarenhet av kravställning i IT-upphandling • Erfarenhet av relevanta standarder, t.ex. ISO 27000-serien • God kunskap om lagkrav, GDPR och OSL Meriterande: • Erfarenhet av upphandling i offentlig sektor och/eller införande av verksamhetssystem • Erfarenhet av säkerhet i molntjänster och integrationer • Kunskap om NIS2/cybersäkerhetsregelverk • Erfarenhet från samhällsviktig verksamhet, exempelvis VA Praktisk information Uppdraget genomförs i nära samverkan med projektledning, IT och upphandlingsfunktion. Uppdraget omfattar inte teknisk drift eller implementation av system. Upphandlingen beräknas vara klar under Q2 2027, varefter organisationen går in i implementeringsfasen. Ansök idag urval sker löpande