Cyber Assurance Manager

Tampere, FI

Cargotec

Smarter cargo flow for a better everyday. With our business areas Hiab and MacGregor, we offer products, services and solutions that make global trade faster, smarter and more sustainable. Our vision is to become the global leader in...


As a pioneer and global leader, Hiab is ambitious to continue writing its success story, inspiring and shaping our industry. The world in which we operate with our class-leading products, intelligent services and innovative digital solutions is constantly changing.

 

Together, we keep everyday life moving to build a better tomorrow

 

We’re looking for a Cyber Assurance Manager, who will be working as a part of Hiab's Information Security team. In this role you will be responsible for overseeing the Information Security Management System (ISMS) and related integrated Cyber Security Management System (CSMS), ensuring compliance with relevant regulations and standards, managing cyber risks, and leading third-party security risk management. The Assurance Manager will also be responsible for implementing and maintaining security policies and procedures.

 

In addition to governance, risk and compliance (GRC) focused actions and responsibilities, this role initially includes third-party / supplier risk management activities.

 

This role is crucial for protecting company information and systems by maintaining a robust security posture, mitigating risks, and ensuring that all third parties meet security standards. 

 

This role can be based in Finland or other European locations and will report to the Chief Information Security Officer.
 

Main tasks and responsibilities

  • Develop, implement, and maintain the Information Security Management System (ISMS) that has cyber security included.
  • Ensure compliance with relevant laws, regulations, and industry standards, such as ISO 27001, R155 (CSMS requirements), CMMC2.0.
  • Coordinate the identification, assessment, and mitigation of information and cyber security risks across the organisation.
  • Maintain a security and cyber risk register. Manage the information security risk process as well as lead and coordinate risk assessment exercises.
  • Participate in developing contingency plans to respond to possible security breaches.
  • Participate in security assessments and due diligence processes of new and existing vendors.
  • Evaluate security controls, identify potential vulnerabilities in vendor environments, and collaborate with vendors to remediate security gaps.
  • Monitor vendor security performance and compliance through ongoing assessments and reviews.
  • Develop and maintain all information security policies, standards, and procedures.
  • Develop and manage security awareness programs and training for internal stakeholders on third-party risks.
  • Provide reports and scorecards on security performance to the CISO.
  • Respond promptly to potential security breaches and mitigate their impact from an ISMS perspective.

What you’ll need to succeed

  • Bachelor's degree in Information Security, Computer Science, or a related field. Master’s degree is considered an advantage.
  • 5+ years of experience working in the IT business area.
  • Experience of solution development and/or IT service management related work in a global environment.
  • Proven experience in information security, compliance, and risk management.
  • Strong understanding of security frameworks, standards, and best practices (for example ISO 27001, CMMC2.0, NIST CSF).
  • Knowledge of relevant laws and regulations (for example NIS2, GDPR).
  • Experience with security assessment methodologies and tools, and managing and mitigating third-party risk.
  • Knowledge and experience of threat modelling and risk assessment.
  • Excellent communication, interpersonal, and collaboration skills.
  • Strong technical skills are a strong plus.
  • Professional certifications such as CISSP, CISM, or CISA are considered an advantage.
  • Fluency in English, both verbal and written.

 

You will be part of

We offer you a position in a global organisation where you are challenged with interesting and diverse tasks. These tasks will give you a great opportunity to grow professionally.
 

Interested in joining?

If you are interested in this opportunity, please submit your application and CV.
 

 

Hiab is part of Cargotec

Hiab is a leading provider of smart and sustainable load handling solutions. We are committed to delivering the best customer experience every day with the most engaged people and partners. Hiab's premium equipment includes HIAB, EFFER and ARGOS loader cranes, MOFFETT and PRINCETON truck mounted forklifts, LOGLIFT forestry cranes, JONSERED recycling cranes, MULTILIFT skiploaders and hooklifts, GALFAB roll-off cable hoists, tail lifts under the ZEPRO, DEL and WALTCO brands, and HIPERFORM, a suite of smart solutions. As the industry pioneer, Hiab continues to make load handling smarter, safer and more sustainable to build a better tomorrow. www.hiab.com 

Hiab is part of Cargotec Corporation. Cargotec's (Nasdaq Helsinki: CGCBV) sales in 2023 totalled approximately EUR 2.5 billion and it employs over 6,000 people. www.cargotec.com   

Category: Leadership Jobs

Tags: CISA CISM CISO CISSP Compliance Computer Science GDPR Governance ISMS ISO 27001 NIS2 NIST Risk assessment Risk management Security assessment Vulnerabilities

Region: Europe
Country: Finland
