Business Security Officer

About the team:

Security and Privacy enables everyone in Orange Business to perform business activities according to relevant security and privacy standards and regulations, as well as business requirements, and thereby contribute to the company reaching business goals. Our security and privacy strategy is aligned with the business strategy to ensure we use security and privacy not just as a compliance measure but also to drive innovation and business both for our customers and internally.

We firmly believe that good governance, security and privacy will be achieved through an aware and competent workforce, using well-defined processes and frameworks, and tools that support our security policies and privacy framework. That is why we see security and privacy as interdependent on each other, not as silos, and why we have one common department that works with both areas in an aligned manner supporting each other and the business.

The Business Security Officer works closely with, and within, the Security and Privacy department, supporting and reporting to the Group CISO, but also interacts with our customers security organization, especially customer-appointed security representatives and/or their management, external regulatory bodies, especially in case of national security act, external partners/auditors - as agreed and authorized by customer and Customer teams, and our internal Service Managers and Business Managers (ad hoc). 

The role:

As Business Security Officer you will work as a liaison for our Sweden based customers, bridging the gap between the customer, the customer team in Orange Business, and other delivery units such as CyberSOC, Operations Center and Data Center. This role is typically provided to customers with high security awareness, specific requirements that must ensure compliance with different information security standards or frameworks.

Your job will be to remain up to date on customer needs and ensure that Orange Business continues to design and operate our services, accordingly, including alignment with the security and privacy requirements. The BSO will also ensure ongoing reporting on security, risk, and compliance, both internally to the Group CISO and to the customers.

Additionally, you’ll assist Group CISO and Orange Business to comply with laws and regulations, such as EU GDPR and national data privacy legislation in each country of operation (in collaboration with the Data Protection Officer and the Group CISO), National/EU Security Act, etc. You will need to find ways to do internal control, provide reports to the customer and manage a customer security forum where you meet with your customers to align security efforts and improvement activities.

Your key areas of responsibility:

• Meetings with customers, Group CISO and participate in internal/customer security forums, on a regular basis to convene and discuss security work.
  
• Take a lead in conducting security drills, testing both customer and Orange Business in different scenarios.
  
• Understanding the risks of the customer from a compliance perspective.
  
• Provide input to the compliance work in accordance with ISO 27001, SOC2 NIS2 and DORA to enhance proactive security measures, identify and reduce risks.
  
• Create or assist in creating customer specific policies, procedures, and routines, and make sure they are in line and up to date with our policies, laws and regulations. 
  
• Assist customers and customer teams in planning and executing disaster and continuity exercises, audits, and change/architecture forums.
  
• Build and maintain security and privacy awareness, and act as guidance for the customer teams.
  
• Assist and provide input to Group CISO in our compliance activities, such as ISO 27001, EU regulations as GDPR, NIS2 and DORA
  
• Represent Security & Privacy in customer monthly security forums

As an ideal candidate you have:

• High school or college degree in IT or equivalent competence through work experience
• Minimum 3 years of working in information and/or IT security area
• Customer experience within information and/or IT security, and/or Cloud Services
• Strong focus on service and delivery towards the customers
• Ability to take ownership and responsibility to find answers and solutions to customer questions and problems
• Excellent communication skills
• Proficient in Swedish and English
  
  

It is not a requirement, but other preferred qualifications would be:

• Experience from compliance and architecture, or:
  • Certifications ex. CISSP, CCSP, CompTIA Security+, or other certification by SANS or ISC, ISACA
  • Experience from working with ITIL, ISO, and EU regulations as NIS

What we offer you:

• Hybrid ways of working with access to our modern & collaborative office in Stockholm
• We may work with tomorrow’s technology, but at our core we are a people-oriented organization and we are proud to have our Great Place to Work certification
• An open and inclusive culture, that enables us to reach our full potential
• A community of experts - as Digital Natives, we put innovation at the heart of our expertise
• Read more about the benefits we offer here.
  
  

About Orange Business:

Orange Business is a leading network and digital integrator company with offices in 65 countries worldwide, and part of the Orange Group.

Digital Services, a business line of Orange Business is a division within Orange Business. In Europe the business line consists of approximately 1500 people distributed across 9 countries. We are digital natives, with innovation at the core of our business, which makes us a reliable partner close to our customers. Our joint mission is to help innovate, drive and lead them in their digital transformation challenges and business strategies in key digital domains, including Cloud, Customer Experience, Digital Workspace and Data & AI. As an agile and fast-moving digital business partner, the business line offers trusted end-to-end solutions and products that help businesses in a wide range of industries in the private and public sector transform their operations, enhance customer experience, and drive growth.

With our digital expertise, we are a strategic partner of Orange Business objectives to be a leading network and digital integrator with our team as a key growth engine.

The process:

This job posting will remain open until January 17th, 2025. To ensure your application is considered, please submit it before the deadline. We will begin reviewing applications and reaching out to candidates shortly after this date.

Interested but feel that you don´t match the criteria 100%? We encourage you to apply anyway! We believe in the potential of diverse skill sets, perspectives and individuality. We want to encourage everyone to be their authentic selves and your unique capabilities may align perfectly with our team's needs! Your perfect match might be the next job we are announcing, so why not have a head start and apply now!

Are you interested to read more about Orange Business? Visit our Website or follow our LinkedIn account.