CLUSTER NORTH DIGITAL / CYBER SECURITY OFFICER - M/F

At Securitas, Digital Security (Cyber Security) is focused on protecting our systems, applications, data, and services while enabling secure and reliable business operations. All countries within our scope are either certified against ISO/IEC 27001 or actively implementing it, ensuring a consistent and structured approach to information security management across the organisation.

Your Role – Cluster Digital Security Officer (Cluster North) As a Cluster Digital Security Officer, you will support the technical execution, coordination, and oversight of Digital Security across Cluster North (Sweden, Norway, Finland, Denmark, the UK, and Ireland), while also contributing to Group/ Division-level security priorities. This is a hands-on, operational role, delivered as part of a wider Digital Security organization. You will work closely with different Division/Group IT teams, Digital Security Operations, Digital Security, and Country IT teams, operating in a collaborative, multi-country and multi-layer (Cluster–Division–Group) environment. Key Responsibilities Security Coordination & Team Collaboration (Cluster & Division)

Coordinate Digital Security activities across the Cluster and support execution of the security roadmap aligned with Division priorities, including application security initiatives

Ensure consistent implementation of security controls, baselines, and services across infrastructure and applications

Work closely with GITS, Application teams, Domain and other IT teams to ensure alignment and effective execution

Contribute actively to the Digital Security community, including sharing practices related to application and platform security

Provide regular, transparent, and data-driven reporting on risk posture, control effectiveness, and remediation progress

Technical Security Oversight (Infrastructure & Applications)

Monitor and assess the security posture of platforms, infrastructure, and applications (on-prem and cloud)

Oversee key control areas including vulnerability management, patching, identity and access management, endpoint security, and application security

Support secure practices across the application lifecycle (SDLC), including awareness of secure design and common vulnerabilities (e.g. OWASP Top 10)

Ensure effective logging, monitoring, and incident detection capabilities are in place across infrastructure and applications

Track and assess third-party and supplier risks, including risks related to applications and integrations

Risk, Compliance & Assurance

Identify and track gaps against security policies, standards, and mandates, including application security requirements

Support/execute risk assessments, internal and external audits, and customer assurance activities across Cluster environments

Drive and follow up on risk remediation plans, ensuring clear ownership and execution across technical teams

Securitas Alarm Monitoring Centers (SOC) Security In addition to Cluster responsibilities, you will contribute to Division-level security of Securitas Alarm Monitoring Centers (SOCs) supporting the Domain Digital Security Officer SOC and RVS, which are among the most critical environments within Securitas. This includes:

Supporting and overseeing the security posture of SOC environments, including underlying infrastructure and supporting applications

Ensuring implementation of enhanced technical controls (e.g. network segmentation, strong access control, privileged access management, monitoring, and secure application access)

Monitoring the availability, integrity, and protection of SOC systems, applications, and data flows

Supporting incident detection, response readiness, and recovery capabilities for SOC-related platforms and applications

Working closely with Infrastructure, Application, SOC and other IT teams to reduce attack surface and strengthen resilience of SOC environments

Ideal Candidate Profile We are looking for a candidate who combines technical understanding across infrastructure and applications, structured execution, and strong collaboration skills. Certifications (mandatory)

CISSP or CISM or equivalent

Experience & Knowledge

5–7 years of experience in Cyber Security, Information Security or Application Security

Minimum of 2 years of experience in IT operations

Good understanding of security domains (IAM, endpoint security, vulnerability management, logging/monitoring, network security, and application security)

Solid understanding of application security principles, including secure development practices, common vulnerabilities (e.g. OWASP Top 10), and risks in application architecture and integrations

Good understanding of ISO 27001 standard

Experience with risk management, audits, or compliance activities

Understanding of infrastructure environments (networks, servers, cloud platforms) and their interaction with applications

Technical & Analytical Skills

Ability to assess security posture across infrastructure and applications and identify control gaps

Comfortable working with security metrics, reports, and risk data

Understanding of incident detection and response processes, including those impacting applications

Ability to translate security requirements into practical and implementable actions across infrastructure and application teams