Syncron – Empowering Exceptional After Sales Service
Syncron was founded on the idea that after-sales service acts as a significant source of competitive differentiation, revenue, profits and customer loyalty. Today Syncron provides world class cloud-based solutions that enable leading manufacturing companies to optimize after-sales performance and support the transformation from operating a break-fix service business model to a subscription-based uptime service model.
The Chief Information Security Officer (CISO) develops, implements and manages Syncron’s corporate security vision, strategy and programs to ensure the security of information assets, maintain the trust of Syncron’s customers and obtain third-party assurance for the Syncron cloud services.
The CISO is in charge of identifying and developing policies and procedures across the organization to reduce risks, respond to incidents and limit exposure to liability in areas of physical security, reputational damage, information security and information technology (IT) risk.
The CISO works closely with Syncron’s management and staff involved in securing organizational information assets to implement and maintain security policies, operate security technologies, respond to incidents, identify areas of concern and implement appropriate changes as needed.
Syncron’s Product Development, IT, Cloud Operations and CTO Office teams help the CISO achieve organisational goals by allocating resources where necessary.
- Develop and drive implementation of near- and long-term security strategy and goals in alignment with Syncron’s business objectives and culture.
- Maintain security policies, standards, frameworks, procedures and guidelines and ensure that they are aligned with the strategy and compliance programs like ISO 27001, SOC and GDPR. Partner closely with Legal, Internal Audit/Controls, and HR on security-related topics.
- Lead all aspects of and continuously improve the governance and management of security to reflect changing technology, threat landscapes, regulatory requirements, and industry standard methodologies.
- Develop and drive risk analysis, mitigation and remediation plans. Plan for and lead security incident response and recovery efforts.
- Chair the Syncron Security Steering Committee meetings to inform management on the information security landscape and risk outlook.
- Help establish and maintain customer trust by participating in sales meetings and working closely with account executives.
- Communicate Syncron’s commitment to security by assisting in the production and distribution of security-related marketing content including the web site, white papers and blog posts.
- Coordinate and validate any external, security-related corporate communications plans and activities in the event of an information security breach.
- Lead and execute third party assurance efforts including independent assessments, industry standards and certifications.
- Act as the Data Protection Officer to ensure that the privacy of Syncron customers’ data is protected and regulatory compliance requirements are met.
You will have:
- Degree in business administration or a technology-related field required.
- Specific experience in Agile (scaled) software development or other best in class development practices.
- Deep knowledge and application of software development and quality assurance methodologies to application and infrastructure delivery.
- Experience working with Software/Infrastructure/Platform-as-a-Service (SIPaaS) solutions and architectures.
- Excellent communication skills, especially the ability to communicate security and risk-related concepts to technical and non-technical audiences.
- Ability to understand the business context and technology challenges, handle uncertainty, and apply appropriate security solutions in response to multiple risks and needs.
- Demonstrated experience in developing and leading security programs for international companies
- Successful experience getting audited or certified for SOC-2 and ISO-27001
- Knowledge of relevant security and compliance frameworks, standards and regulations (such as SOC2, ISO270xx, Cloud Security Alliance (CSA), NIST, COBIT, GDPR, DPA).
- Hold an industry recognized certification in security (CISSP, CISA, CISM, CEH, etc.)
- AWS security certification beneficial
ÖSTRA JÄRNVÄGSGATAN 27