Information Security Officer

The Information Security Officer is the Department Head for Security & Risk within Group IT & Digital Services and reports to the Vice President IT & Digital Services. 

The role owns the enterprise information security, cyber risk, and security governance agenda across Group IT & Digital Services. It provides strategic leadership and practical direction for cyber resilience, security-by-design, identity and access governance, compliance, third-party security, and the protection of business-critical platforms, data, and digital services.

A key part of the role is to strengthen secure IT / OT convergence and the protection of connected plant, industrial IoT, edge, remote access, and customer-facing digital environments. The position acts as the senior security counterpart to Enterprise Architecture, Platform & Infrastructure, Enterprise Applications, Digital Engineering, Data & Analytics, Digital Service Solutions, and relevant engineering and business stakeholders.

• Lead and continuously develop the enterprise-wide Security & Risk function, including strategy, governance, priorities, capacity planning, and collaboration with internal and external partners.
• Own and evolve the information security framework and translate business priorities, the new IT Target Operating Model, and IT & Digital Strategy 2028 into a pragmatic security roadmap with clear milestones and KPIs.
• Own cyber risk management, compliance, and management reporting across enterprise IT, cloud services, digital platforms, data services, and relevant OT / IoT exposure areas.
• Lead security audits, maturity assessments, and remediation activities, ensuring findings and control gaps are prioritized, tracked, and closed with accountable owners.
• Steer security-by-design and provide leadership across key security domains, including IAM, privileged access, Zero Trust, vulnerability management, network and endpoint security, cyber resilience, and incident readiness.
• Own the security governance approach for IT / OT convergence, industrial IoT, plant-connected services, and remote access, while acting as a trusted advisor to the VP Digital & IT and senior stakeholders.

• Degree in Information Security, Cyber Security, Information Technology, Computer Science, Engineering, or a related field; relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 are strongly preferred.
• Minimum 5 years of relevant experience in information security, cyber security, IT risk, or related leadership roles, ideally within a complex industrial, engineering, energy, utilities, or manufacturing environment.
• Strong expertise in information security governance, cyber risk management, compliance, control frameworks, cloud security, identity and access management, and OT / IoT / industrial cyber security.
• Strong leadership, stakeholder management, and communication skills, with proven ability to lead teams, drive accountability, shape security culture, and work effectively across business and technology functions.

Why Join Us?

• A key role in shaping the digital transformation of Kanadevia Inova
• Modern working environment with high flexibity and international exposure

We offer

•  Responsible challenge with diversified field of activity
• Team-oriented working atmosphere in an international Company
• Personal development opportunities through own Inova Academy
• Opportunity to gain an insight into various technical disciplines
• Excellent employment conditions
• Attractive working place (central, good transport links)
• Modern infrastructure

For HR agencies: Please note that we do not accept applications coming from agencies. Thank you.