Chief Information Security Officer

Admincontrol, a leader in secure board portals and due diligence tools, is looking for a Chief Information Security Officer (CISO) who values precision, trust, and proactive defence in digital security. Join us in our mission to provide the ultimate digital solutions where security and user-friendliness coexist.

As our CISO, you will be the architect of our cyber defence strategy, championing the security that ensures our customers' peace of mind. With your expertise, Admincontrol will continue to offer a smart and secure platform for sensitive data and critical decision-making processes.

Responsibilities and tasks

Leadership:

Mentor and lead a team of security professionals, cultivating an environment where vigilance and proactive measures are highly prioritised.

• Responsible for all security roles and functions necessary to maintain sufficient security of Admincontrol and its services in line with business requirements and the current threat landscape.

Strategy:

Craft and execute a security vision that adapts to evolving threats while supporting seamless user experiences.

• Develop annual plans and objectives for corporate security.
• Provide guidance and ensure the implementation of information security policies is in line with the current threat picture.

Innovative mindset:

Pioneer the adoption of security measures, always staying ahead of potential threats.

Collaboration:

Partner with various teams to embed security into the DNA of our product lifecycle. Engage with stakeholders across the business to ensure security is at the core of every product we craft and every decision we make.

• Work with other managers and executives to make sure the company is growing in a responsible and ethical manner.
• Maintain contact and co-operation with authorities and national security agencies.
• Attend conferences and training as required to maintain proficiency.
• Maintain a collaborative relationship with other Visma teams involved with information security matters (e.g., Quality, Compliance, Risk, Legal, Internal Audit) as well as the Admincontrol Management Team.

Advocacy:

Promote a culture of security awareness across our organisation, ensuring all team members are equipped to protect and prevent.

• Management of ISMS, ISO 27001 certification, risk management, privacy management, incident & crisis management and security awareness training.
• Overall responsible for protecting proprietary information and assets of the company, including the data of clients and customers.
• Responsible for overall data protection and compliance to legal, statutory, regulatory, and contractual requirements that Admincontrol, its trading partners, contractors and service providers must satisfy.
• Maintain appropriate information security policies, standards, guidelines and procedures.

Skills and experience

• A university degree in security, technology or similar field of studies.
• At least 5 years of successful work experience in managerial roles in the fields of security or technology.
• Hands-on experience with security related standards and methodologies (e.g. ISO 27001, OWASP, NIST).
• Experience with implementation and maintenance of an Information Security Management System according to ISO 27001 standard.
• Strong understanding of regulatory environment and key regulations (e.g. GDPR, NIS2, eIDAS).
• Excellent Norwegian language and fluent in English
• Personal qualities and background that are compatible with security clearance.
• Excellent communication skills, with ability to present and defend security vision to colleagues at all levels including top management.
• Proven experience in administering IT security controls within an organisation.
• Thorough understanding of technical infrastructure, networks, databases, and systems in relation to information security and risk management

In-depth knowledge in:

• Application security, with a strong focus on OWASP best practices.
• Intrusion detection and monitoring.
• Security automation and orchestration processes.
• Security incident response.
• Intelligence-driven kill chain defences.
• Tactics, techniques, and processes detection and analysis.
• Vulnerability assessments, web, and infrastructure penetration testing.

Why choose Admincontrol?

• A lead star in information security.
• An innovative organisation with high growth and ambitions.
• A unique, great culture and team spirit, with dynamic, skilled and engaged teams collaborating to achieve ambitious goals.
• Competitive salary.
• Excellent insurance and pension schemes.
• Attractive premises located centrally in Drammen.
• Social events and joint training, as well as company trips.
• Strong professional network through Visma.

Join our strong team with exceptional employee satisfaction, sustained over several years!

Admincontrol is owned by the Visma group. Read more on www.admincontrol.com.

If you have any questions about the position, please contact: Managing Director Møyfrid Øygard, [email protected].

We would like to receive your application before December 1st.