Strategy and Governance Officer
Volvo Group
⚲ Wrocław
15 100 - 27 200 PLN (PERMANENT)
Requirements
- Cybersecurity
- ECS
- Security
- risk management
- Project management
- Communication skills
- Stakeholder management
- NIS2
- ISO/IEC 27001
- DORA
- PCI-DSS
- HIPAA
Job description
About the project:
Position Overview
We, at Enterprise Cybersecurity (ECS), are on a mission to secure the digital journey for the Volvo Group. We work closely together with stakeholders across several Business Areas (BAs), Divisions (DVs), and Group Functions (GFs). While the BAs are responsible for driving the business, the DVs provide research, development, manufacturing, and assembly. Within Volvo Group, the GFs own the Group agenda, provide strategic direction and have global responsibility. With Enterprise Cybersecurity you will be part of Digital Technology & Operations, a global and diverse team of highly skilled professionals who work with passion, trust each other, and embrace change to stay ahead.
We are currently seeking a seasoned and highly capable Strategy and Governance Officer operating within Enterprise Cybersecurity (ECS) and in close partnership with Volvo Group Digital Technology & Operations and DV/BA/GFs. This role focuses on defining, steering, and overseeing clear, consistent cybersecurity strategy and governance across a complex, multi-stakeholder environment. The Strategy and Governance Officer acts as a key link between Cybersecurity and the wider organization, ensuring that security direction, policies, and initiatives are understandable, actionable, and fully aligned with business priorities and risk appetite.
Strategic Security Governance & Planning
- Support security leadership in defining, structuring, and prioritizing cybersecurity strategies and initiatives.
- Shape and contribute to long‑term security plans and governance frameworks, ensuring communication and change‑management considerations are embedded from the outset.
- Provide structured, security‑governance input into enterprise programs and cross‑functional initiatives to strengthen alignment with Group policies and risk appetite.
Governance Coordination & Stakeholder Stewardship
- Act as the coordinating function between ECS stakeholders, ensuring alignment on governance and strategic security matters.
- Drive change‑management to support the successful adoption of cybersecurity policies, controls, and governance requirements.
- Establish and facilitate structured stakeholder feedback mechanisms to improve governance understanding, compliance, and maturity across the organization.
Requirements:
Required Background & Experience
- Master’s degree in Computer Science, Information Security, or a related field.
- Professional background in security, such as corporate security, risk management, intelligence, military, law enforcement, or security consulting.
- Demonstrated experience in project management, including planning, executing, and overseeing security-related projects across complex, multi-stakeholder environments.
- Experience in security communication and governance, including the development, implementation, and monitoring of security policies, procedures, and controls.
- Proven ability to communicate security, risk, or sensitive operational topics to non-technical audiences.
- Exposure to security incident management, risk assessment, or security governance frameworks.
Skills & Competencies
- Strong written and verbal communication skills, with the ability to convey complex security concepts clearly and credibly to diverse audiences.
- Ability to structure, prioritize, and present security information for decision-makers at all levels.
- Strategic mindset grounded in security realities, with a focus on both technical and organizational objectives.
- High emotional intelligence and strong stakeholder management skills, fostering collaboration across departments.
- Demonstrated project management skills, including coordination, scheduling, and resource allocation for security initiatives.
- Deep understanding of security governance principles and best practices.
- Collaborative approach with respect for role boundaries and functional ownership.
Daily tasks:
Governance & Documentation Support
- Contribute to the design and operation of the governance model for security documentation, including standards, procedures, guidelines and operating procedures (SOPs).
- Draft, review, and maintain ISMS documentation to ensure clarity, consistency, and alignment with strategic directives.
- Create clear, visually structured process descriptions, workflows, and governance diagrams that support understanding of ISMS requirements across the organization.
- Support the documentation lifecycle: revision cycles, approvals, distribution, and retirement.
- Ensure documentation accurately translates high‑level requirements into actionable, organization‑wide security controls.
Compliance & Regulatory Alignment
- Support compliance efforts for ISO/IEC 27001 and other relevant regulatory or industry frameworks (e.g., NIS2, DORA, PCI-DSS, HIPAA).
- Assist in preparing materials and evidence for internal and external audits.
- Monitor regulatory and standardization developments and assess their impact on internal security documentation.
- Help business units interpret and implement control requirements as part of the compliance program.
ISMS Operations & Continuous Improvement
- Support the ongoing maintenance of the Volvo Group Digital Technology & Operations ISMS, including tracking updates, ensuring consistency, and managing interdependencies between documents.
- Contribute to maturity assessments, gap analyses, and corrective action plans.
- Maintain documentation repositories and ensure accessibility, version control, and stakeholder communication.
Stakeholder Collaboration & Communications
- Work closely with Cybersecurity as well as control owners and control implementors across Volvo Group Digital Technology & Operations to ensure documentation aligns with technical realities, compliance expectations, and operational needs.
- Coach, guide, and train control owners, implementors, and subject‑matter experts on how to interpret, apply, and operationalize security st