About the Role
H2 Green Steel has partnered with Safemind to seek a Head of Information Security to join their team based in either Stockholm or Boden.
As the first employed Head of Information Security at H2 Green Steel, you will lead strategic and operational initiatives in Information and IT Security throughout the organization. This involves establishing processes, policies, and instructions in a fast-moving, unambiguous environment and implementing these guidelines across the organization.
While fundamental structures, principles, and processes exist, the primary task is to solidify further and operationalize them. H2 Green Steel’s organizational setup will evolve with time, aligning with organizational and business needs, including geographical and project scopes.
The company’s working culture emphasizes collaboration, small teams, and a high degree of autonomy and ownership. As Head of Information Security, you will explore modern, agile ways to implement information security, aligning with a decision-making process largely driven within each team.
At H2 Green Steel, innovation and sustainability converge, offering you the opportunity to spearhead cybersecurity strategies in an environment where forward-thinking solutions meet ecological responsibility.
- Develop and execute a comprehensive cybersecurity strategy to protect H2GS against evolving threats and risks.
- Define and implement security policies, frameworks, and best practices to ensure compliance with industry regulations and maintain the highest security standards.
- Oversee the design and implementation of secure systems and infrastructure, both cloud-based and on-premises, ensuring resilience, availability, and scalability.
- Develop and ensure a robust information and IT Security business continuity based on impact analysis
- Act as the primary point of contact for security incidents, conducting investigations, implementing remediation plans, and maintaining incident response readiness.
- Balance commercial gains against safety, considering various risks H2GS faces, including personnel, cyber, and others.
- Challenge conventions through bold discussions and decisions, remaining composed amid friction.
- Continuously influence relevant stakeholders across the organization to drive information security topics and raise risk management awareness.
- Interact with cross-functional stakeholders to ensure consistent policy application across projects, systems, and services.
- Contribute to current knowledge and develop a future vision for structure, people, processes, and technology to ensure data and system security.
- Collaborate extensively with the Technology team on hardware dialogue and key stakeholders on the physical vs. digital landscape dialogue.
- Conduct regular security assessments, vulnerability scans, and penetration testing to identify and address potential vulnerabilities.
- Develop and implement ongoing security awareness training and education for users.
Who You Are
This role demands strong commercial acumen due to cross-functional challenges and advanced stakeholder management skills. Balancing ambition with pragmatism while setting up processes and policies is crucial. The ideal candidate is bold, brave enough to question, and possesses the resilience to persist until challenges are resolved.
To Be Successful in This Position, You Need:
- At least 7-10 years of information and IT security experience, preferably in a leadership role (Head of Information Security, or equivalent).
- 5+ years of experience in IT, OT, risk management, information security, and compliance in a multinational environment
- Expertise in conducting risk assessments, vulnerability management, and incident response.
- Experience implementing regulatory frameworks, including GDPR and security frameworks.
- Deep understanding of cybersecurity principles, risk management, and security frameworks.
- Experience dealing with regulatory authorities, auditors, and other external stakeholders.
- Relevant professional certifications such as CISSP, CISM, CISA, or similar are highly desirable.
- In-depth knowledge of secure software development methodologies, cloud security, and on-premises environments/technologies/security.
- Ability to build relationships and partner with internal and external stakeholders on information security.
- Demonstrable experience in managing information security operations or incident response in complex organizations.
- Innovative thinking, the ability to connect previous experiences to find better solutions and a continuous interest in emerging technology and innovations in information security.
- Demonstrated expertise in building cybersecurity frameworks and protocols for greenfield projects is a big plus.
- A proven track record in securing industrial IoT environments and implementing cybersecurity technologies relevant to industrial environments and an understanding of the specific challenges is a big plus.
About our client:
H2 Green Steel is on a mission to disrupt the global steel industry by producing green steel, with the end goal of bringing CO2 emissions to zero. By using green hydrogen and fossil-free electricity instead of coal; water and heat will be our primary emissions. By 2030, their ambition is to produce 5 million tonnes of green steel annually in their fully integrated, digitalized, and sustainable plant in Boden, located in northern Sweden – currently in the construction phase. But this is just the beginning – their expertise in green hydrogen will enable them to decarbonize other industries in addition to steel, and they look forward to what’s next in store for them.