Director of Information Security Governance & Compliance

Sobi
Basel, BS, Switzerland
May 30, 2026
Hybrid
Full-time
Governance, Risk, and Compliance
Executive

Company Description

Statistics show that women and underrepresented groups tend to apply to jobs only if they meet 100% of the qualifications. Sobi encourages you to change that statistic and apply. Rarely do candidates meet 100% of the qualifications. We look forward to your application!

At Sobi, the work we do every day redefines the standards of care and transforms the lives of people living with rare diseases.

As a diverse team of entrepreneurial people, we are passionate about our growth journey towards becoming a global leader, making a difference for rare disease patients, moving quickly and always challenging the status quo.

We are committed to an inclusive, sustainable and flexible workplace that fosters growth and development.

Job Description

About the role

As the Director of Information Security Governance & Compliance, you will play a key leadership role in ensuring that Sobi’s information security framework is robust, effective and fit for a highly regulated environment. You will lead governance and compliance activities across Sobi and our external partners, drive audits and control reviews, maintain a strong and up-to-date ISMS, and oversee CAPA and continuous improvement initiatives. In this role, you will work closely with the CISO, Quality and key stakeholders across the business to make sure our policies, processes and responsibilities are clear, aligned and continuously improving.

You will join our Global Information Security team, report to the CISO, and be based at our Stockholm HQ or Global Hub in Basel. This is a hybrid role with the opportunity to work in an international setting where your expertise will have visible impact across the organisation.

Your impact will include:

  • Lead and evolve Sobi’s information security governance framework and ISMS, including policies, standards and procedures.
  • Ensure alignment with key regulatory and industry frameworks such as NIS2, GDPR and ISO 27001.
  • Plan and lead internal and external audits, as well as compliance reviews across the organisation and third parties.
  • Oversee incident follow-up, root cause analysis, CAPA activities and risk mitigation tracking to closure.
  • Establish meaningful compliance and risk metrics and continuous improvement processes, and provide clear reporting to support decision-making.
  • Partner closely with the CISO, Quality, business stakeholders, auditors and external partners to build a strong culture of accountability and security awareness.

Qualifications

About you

You are a confident and pragmatic information security leader who enjoys combining governance, compliance and continuous improvement in a way that creates real business value. You are comfortable navigating a complex, regulated environment and know how to translate frameworks and requirements into practical ways of working. Just as importantly, you build trust across functions and communicate with clarity—whether you are partnering with senior stakeholders, supporting audits, or driving follow-up actions with the wider organisation. You bring a structured and proactive mindset, a strong sense of ownership, and a genuine interest in building a security culture that is both effective and sustainable.

What you bring

  • Strong experience in information security governance, risk and compliance, ideally in a global or highly regulated environment.
  • Solid knowledge of relevant frameworks and regulations such as NIS2, GDPR, ISO 27001 and ideally GxP/ALCOA+ or GAMP.
  • A proven ability to lead audits, compliance programmes and continuous improvement initiatives.
  • Experience working with third-party assessments, supplier compliance or external oversight.
  • Strong analytical skills with the ability to prioritise, follow through and create structure in complex topics.
  • Excellent communication and stakeholder management skills, with the confidence to influence across functions and levels.

Here at Sobi we live by our core values: Care, Ambition, Urgency, Ownership and Partnership!

Additional Information

How to apply

We have an ongoing selection process in this recruitment and ask you to send your application as soon as possible. Click apply and include your resume.

Why Join Us?

Here at Sobi, our mission and culture get us excited to come to work every day, but here are a few more reasons to join our team:

  • Collaborative and team-oriented environment
  • Opportunities for professional growth
  • Diversity and Inclusion
  • Competitive compensation for your work
  • Making a positive impact to help ultra-rare disease patients who are in need of life saving treatments
  • Emphasis on work/life balance

Sobi is a global company with over 1,900 employees in more than 30 countries and is committed to the societies where we operate. We are a specialised international biopharmaceutical company transforming the lives of people with rare and debilitating diseases, providing reliable access to innovative medicines in the areas of haematology, immunology, and specialty care. Sobi’s share is listed on Nasdaq Stockholm. More about Sobi at sobi.com and LinkedIn.

We know our employees are our most valuable asset and our culture conveys that. We offer a competitive benefits package, to support the health and happiness of our staff.

Sobi Culture

At Sobi, we refuse to accept the status quo. This is because we have witnessed first-hand the challenges facing those affected by rare diseases and have used this knowledge to shape our business to find new ways of helping them.

As a specialized biopharmaceutical company, we are dedicated to rare diseases. And we see this focus as a strength. By effectively turning our research into ground-breaking treatments, we help make medicine more accessible and open more possibilities for patients and more opportunities for those caring for them. This has been our approach since day one, but we know we can’t change the world of rare diseases on our own. Accomplishing this requires strong partnerships with patients, partners and stakeholders across the entire value chain. Together, we define how our business can create solutions that serve the needs of those affected by rare diseases while facilitating sustainable growth.

Job Details

Experience

Executive