CISO
Kista (MAB), Sweden
Munters
Munters is a global leader in energy-efficient air treatment and climate solutions.
Position: Chief Information Security Officer (CISO)
Location: Preferably Munters HQ in Kista, Sweden, with options for remote work.
Language: Swedish, English
Job Type: Full-Time
Job summary
The Chief Information Security Officer for Munters is responsible for developing and implementing a comprehensive global information security strategy to protect the company's data, assets, and IT infrastructure. The CISO will ensure cybersecurity compliance across the company's operations in EMEA, Asia and the Americas, and will work to mitigate security risks, manage incidents, and enhance cybersecurity resilience globally. The CISO reports to the CIO, leads a team of security professionals, and works closely with stakeholders in Munters Group Management and the risk leadership team. The role also requires some operational hands-on work and managing vendor relationships.
Your Profile
We seek candidates with a proactive mindset and a sincere interest in protecting the company, who are willing to drive business enablement and resilience while adhering to and keeping up to date with the ever-evolving regulatory landscape. Strong leadership and team management skills are important, with the ability to lead a team that sets the security standards across multiple time zones and cultures. It is essential that you have excellent communication and collaboration skills to work with executive teams, regional leaders, and external stakeholders. The ability to navigate complex regulatory environments and stay up to date with evolving cybersecurity laws globally is equally important.
Responsibilities
We have set out the primary responsibilities for this role below, with some more detail for each responsibility:
- Global Cybersecurity Leadership
  - Develops and owns a document framework of continuously up-to-date cybersecurity policies, standards and guidelines. Oversees the approval and publication of these cybersecurity policies and practices.
  - Works with the vendor management and procurement organizations to ensure that cybersecurity requirements are included in contracts.
- Compliance and Regulatory Management
  - Enhances the security posture by adopting a cybersecurity framework that is applicable to the organization.
  - Creates and manages a unified and flexible, risk-based control framework to integrate and normalize the wide variety of ever-changing requirements resulting from global laws, standards and regulations.
  - Develops and owns a document framework of continuously up-to-date cybersecurity policies, standards and guidelines. Oversees the approval and publication of these cybersecurity policies and practices.
  - Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection of information assets.
- Team Management & Development and Employee Security Education
  - Build, manage, and mentor the security team.
  - Oversee the global training programs and security awareness campaigns for employees that address region-specific security risks and regulatory requirements.
  - Cultivate a collaborative security culture that encourages information sharing, adherence to security best practices, and cross-functional engagement.
- Risk Management & Incident Response
  - Conduct regular risk assessments globally, identifying and managing security threats to critical applications and services at the regional and global level.
  - Collaborate with the enterprise risk management function to align assessment findings with business risk.
  - Deliver and maintain the global incident response plan for the SIRT.
  - Lead incident management together with the MDR vendor, as well as any post-incident reviews, to strengthen security resilience.
- Security Operations
  - Oversee day-to-day global security operations, including vulnerability assessments, security monitoring, and threat management across global networks.
  - Ensures that security is embedded in the project delivery process by providing the appropriate cybersecurity policies, practices and guidelines.
  - Monitors the external threat environment for emerging threats, and advises relevant stakeholders on the appropriate courses of action.
  - Facilitates and supports the development of asset inventories, including information assets in cloud services and in other parties in the organization's ecosystem.
  - Develop and enforce global standards for data protection and privacy, especially in relation to cloud, IoT, and mobile security.
- Collaboration & Communication
  - Serve as the primary point of contact for all global information security-related matters and provide updates to the CIO and executive leadership team.
  - Work closely with the legal and compliance team to ensure alignment of security practices with regional laws and business needs.
  - Foster relationships with external stakeholders, including regulators, auditors, and cybersecurity authorities in all key regions.
Qualifications and skills
The ideal candidate would have the following qualifications:
- Bachelor’s or Master’s degree in Information Security, Computer Science, or related field.
- Relevant certifications such as CISSP, CISM, CISA, or other certifications in cybersecurity.
- 10+ years of experience in IT and security, with at least 5 years in a global leadership role.
- Proven track record of managing global security programs across multiple regions.
- Experience in compliance with global regulatory frameworks such as GDPR and region-specific regulations.
- Technical skills in international cybersecurity frameworks and standards, including ISO/IEC 27001, the NIS2 Directive, and the Cyber Resilience Act, etc.
- Knowledge of security technologies for firewalls, antivirus, networks, etc.
About Munters
Munters is a global leader in climate solutions for mission-critical processes. We offer innovative, efficient and sustainable solutions for customers in industries where controlling indoor humidity, temperature and energy efficiency is mission critical. Today we have more than 5000 employees working in more than 30 countries, with net sales of 14 BSEK.
Perks/benefits: Flex hours