Chief Information Security Officer (CISO)

Are you ready to take on the leading security role in one of the largest tech companies in the Nordics? With plenty of challenges to tackle and opportunities for professional growth, this is your chance to make an impact in a dynamic and innovative environment.

“The CISO plays a critical role at Schibsted Marketplaces, ensuring that our customer data is safeguarded, while our services across the Nordics are resilient and protected in an ever-evolving threat landscape.”

Sven Størmer Thaulow, CPTO and EVP Schibsted Marketplaces

The Role

As the Chief Information Security Officer (CISO) at Schibsted Marketplaces, you will lead the central team responsible for security governance, risk, and compliance, while also overseeing the global security community across the organization. Supported by a dedicated executive leadership team and the Board, you will ensure that security measures are implemented effectively, achieving the right level of protection while fostering growth, enabling innovation, and maintaining operational efficiency across the business.

Key Responsibilities

• Lead and develop the Security Governance, Risk and Compliance team.
• Chair the Security Leadership Group, coordinating efforts with representatives from IT Security and Product Security teams.
• Run the company-wide security forum, fostering a culture of collaboration, trust, and shared accountability.
• Develop and maintain security governance and steering documents within the existing Information Security Management System (ISMS), including the Security Policy and Security Handbook.
• Define and implement a cybersecurity assurance framework aligned with industry standards (e.g., ISO 27001:2022, NIST CSF), regulatory requirements (e.g., GDPR, NIS2, DORA), and customer expectations.
• Develop and execute a security strategy aligned with the organization’s risk appetite and identified security risks.
• Provide regular reports on security performance and risks to the Board of Directors and executive management.
• Effectively communicate security risks and strategies to key stakeholders across the organization.
• Promote and embed a strong security culture at all levels of the organization.

Qualifications and personal characteristics

• Master’s degree in Computer Science or equivalent professional experience.
• Over 5 years of experience in a security leadership role, including team management and budget responsibilities.
• Proven knowledge and experience in designing and implementing Information Security Management Systems (ISMS) aligned with internationally recognized standards, such as ISO 27001, NIST CSF, or similar frameworks.
• Hands-on experience in cloud IaaS and SaaS environments, with security management expertise in platforms such as AWS, Google Cloud, or Azure.
• Practical experience in implementing regulatory compliance frameworks, such as GDPR, NIS2, SOX, or PCI DSS.
• Active certifications such as CISSP, CISA, or CISM are desirable but not mandatory.
• Excellent verbal and written communication skills in English.

We review applications continuously, so if you're interested, apply now! Feel free to reach out to our hiring manager, Lars Westvang (lars.westvang[AT]schibsted.no), or TA Partner, Camilla Hesselberg (camilla.hesselberg[AT]schibsted.no), with any questions!