Information Security & Privacy Manager

Syncron is a leading SaaS company with over 20 years of experience, specializing in aftermarket solutions. Our Service Lifecycle Management Platform offers domain-fit solutions for:

• Supply Chain optimization,

• Pricing strategy,

• Service Fulfillment (e.g. warranty management, field service management, service parts management, knowledge management).

Our company has a global presence with offices in US, UK, Germany, France, Italy, Japan, Poland, India and group headquarters in Sweden.

We build upon the belief that our greatest strength is our People. Our unique company culture has been appreciated by our Employees.

With this we are winning the hearts and minds of world-leading organizations, such as JCB, Kubota, Electrolux, Toyota, Renault and Hitachi.

About the role

We are looking for a structured and quality-focused Information Security & Privacy professional to join our global InfoSec team at Syncron.

This is a hands-on role with broad ownership across governance, risk, compliance, technical security oversight, and privacy. You will work closely with engineering, product, legal, and business stakeholders to ensure that security and data protection are embedded in how we build and operate our services.

The role also includes serving as the organization’s Data Protection overseer, acting as an independent advisor on privacy matters and reporting to senior management on data protection topics.

You will be part of a collaborative and international security team, contributing to both operational execution and long-term security maturity.

What would you do?

In this role, you will work across security, privacy, and compliance in an integrated way. Your responsibilities will include:

• Advise the organization on data protection and regulatory requirements (e.g., GDPR and other global regulations)

• Monitor compliance with privacy and information security obligations by e.g. deliver gap assessments and annual privacy reporting

• Conduct and manage DPIAs, ROPAs, privacy and information security risk assessments

• Maintain and improve the Information Security Management System (ISMS) and support compliance with e.g. ISO 27001, SOC 1, SOC 2, NIST, NIS2, CRA, GDPR and AI Act

• Support customer-facing initiatives by contributing to sales processes and responding to security, compliance and privacy inquiries from customers and prospects

• Develop and update security and privacy policies, procedures, and governance documentation e.g. data privacy agreement for vendors and customers

• Partnering with Product and Engineering to ensure regulatory and security requirements are effectively implemented, including reviewing cloud environments (e.g., AWS) from a privacy and risk perspective

• Mapping and analyzing data flows to identify where personal data is processed, stored, and transferred

• Assessing the design and effectiveness of security controls, with a focus on practical implementation

• Translating regulatory and policy requirements into clear, actionable technical and organizational controls

You will act as a key point of contact for privacy and security topics within the business unit and collaborate across Legal, IT, HR, Tech and Product.

What we expect:

We are looking for someone who:

• Works in a structured and thorough way

• Cares about quality and getting the details right

• Communicates clearly in writing and verbally

• Builds strong working relationships across teams

• Takes ownership and follows through

• Stays calm and solution-oriented when priorities shift

• Is curious and continuously developing their knowledge

• Is comfortable working independently while being part of a global team

You do not need to be an expert in every framework listed. If you have solid experience in security and privacy and are motivated to grow further, we encourage you to apply.

Experience & Background

• Experience in Information Security, GRC, Privacy, or related areas

• Relevant academic background

• Practical experience with security or compliance frameworks such as ISO 27001, NIST, SOC

• Understanding of GDPR and general data protection principles

• Experience with risk assessments and/or DPIAs

• Exposure to cloud environments (e.g., AWS)

• Ability to collaborate across technical and non-technical teams

Unsure if you meet all the job requirements but passionate about the role? Apply anyway! Syncron values diversity and welcomes all Candidates, even those with non-traditional backgrounds. We believe in transferable skills and a shared passion for success!

#LI-SYNCRON
#LI-Remote
#LI-Hybrid