Are you Prorenata’s new Information Security Manager?

We’re looking for a skilled and hands-on Information Security Manager to strengthen and structure our security work across product development and internal operations.

Prorenata develops user-friendly, efficient and engaging tools for professionals who otherwise have to live with outdated, hard-to-use systems. We’ve been profitable for over ten years, are growing quickly, and have our office in central Stockholm.

Our product, Prorenata Journal, is a leading electronic health record system for Swedish school health services, used by the absolute majority of Sweden’s municipalities. As such we take pride and make great efforts in our security work.

About the Role

As Information Security Manager at Prorenata, you will strengthen and structure our information security efforts across the company. You’ll ensure that our products, systems and processes are designed and operated according to industry standards and best practices.

The role focuses primarily on secure development and architecture (around 70%) while also supporting the company’s broader security management and ISO 27001 certification (around 30%).

Your responsibilities will include:

• Collaborating on secure coding, vulnerability management and dependency control.
• Reviewing architecture and design decisions with a focus on security and risk management.
• Maintaining security guidelines and checklists for development and DevOps teams.
• Managing and coordinating information security incidents.
• Leading the technical aspects of ISO 27001 certification and NIS 2 compliance together with our Regulatory Affairs Manager.
• Supporting internal information security work, policies, risk assessments and training.
• Ensuring and when needed implementing compliance with relevant frameworks (ISO 27001, NIS 2, OWASP, GDPR, etc).
• Acting as an advisor to the CTO, COO, CPO and Tech Team Leads, and serving as a point of contact for external partners on security issues.
• Reporting directly to the CTO (who is also CEO)

We’re looking for someone who:

• Has a solid background in system development or architecture within modern web environments.
• Brings hands-on experience in information security for software development and operations.
• Understands cloud security, encryption, networking, authentication and APIs.
• Can review code and infrastructure from a security perspective.
• Is familiar with secure CI/CD pipelines, static and dynamic code analysis, and vulnerability management.
• Has experience applying international security standards and frameworks.
• Communicates fluently in English.

It’s a plus if you also have:

• Experience implementing and maintaining ISO 27001 or other ISMS frameworks.
• Background from regulated environments (healthcare, finance, public sector).
• Understanding of data protection and GDPR.
• Practical knowledge of DevSecOps and automated security controls.
• Interest in educating and engaging others in information security.
• Swedish language skills.

We offer:

• A workplace that encourages professional and personal growth.
• A warm and collaborative culture with genuinely kind and fun colleagues, we believe in community and enjoying the journey.
• A hybrid work setup: we value being at the office two to three days a week for collaboration and culture, with flexibility to work from home the rest.
• The chance to work on a product that makes a real difference for its users.
• Competitive salary and generous benefits including 6 weeks of vacation, retirement fund according to ITP1 and more.

Does this sound like you?
Submit your application via the link below, we look forward to hearing from you! Applications are reviewed continuously, so apply now and no later than November 28th.