Global Information Security Director

Join us in our mission to improve people’s mobility. Embla Medical seeks a Global Information Security Director to lead the Company’s global information security framework and strategy. This role is responsible for ensuring organizational compliance with international standards, regulatory requirements, and internal governance frameworks in the field of Information Security. The Global Information Security Director coordinates efforts among security, compliance, and data protection teams to promote security by design and operational resilience. The position involves protecting the organization's information assets, developing security strategies, and maintaining adherence to relevant regulations.

This role demands a blend of technical proficiency, strategic vision, and proven leadership to effectively mitigate security risks and safeguard sensitive information. Relevant expertise includes conducting internal audits, performing risk assessments, and developing robust policies. In-depth knowledge of ISO 27001/27701, GDPR, HIPAA, and other global compliance standards is essential, along with exceptional leadership, communication, and stakeholder management abilities. This role will report to the VP of Corporate Governance, and work within a team of leaders and experts all committed to building an exceptional future for Embla Medical. We offer flexible working arrangements, with headquarters in Reykjavík. Some international travel might be required.

Key Responsibilities

Strategic Planning: Formulate and execute a comprehensive global information security strategy that aligns with the organization’s business goals and risk appetite. Responsibilities include identifying key security initiatives and establishing a clear implementation roadmap.

Risk Management: Conduct regular risk assessments to identify potential security threats and vulnerabilities. Develop and implement risk mitigation strategies, including security controls and policies.

Policy Development: Establish and enforce information security policies, standards, and procedures. Ensure that these align with industry best practices and regulatory requirements.

Incident Response: Oversee incident response activities in the event of a security breach, ensuring that the organization is prepared to respond effectively.

Compliance: Stay updated on relevant laws, regulations, and industry standards related to information security, ensuring that the organization's practices comply with these requirements.

Collaborate closely with IT and business leaders within the organization’s business areas and functions.

Qualifications

Relevant university degree in Computer Science, Cybersecurity or related/relevant fields, and/or 10+ years' experience within the field of information security. This includes experience in risk assessment, security architecture, and security operations.

At least 5 years' experience in a leadership role is required.

Recognized certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are preferred.

Experience of project/program management planning.

Experience of collaborating with business stakeholders across various levels and functions of an organization.

Professional communication skills, with a high level of both written and spoken English.

Experience of working within a global company is highly preferred.

We encourage people to apply for the position regardless of gender or origin. Application period ends September 7th.