About the position

We need an experienced Head of Security who can lead the way forward in bringing our product to the next level.

We have a great product (Webdoc) with many happy customers (800), a great support organization (free support for all customers), a great product management team (lots of hands-on experience and domain knowledge), and a great development department (six teams including infrastructure).

We need a skilled Head of Security who can guide and lead the way forward for our security work through technical knowledge, strategic thinking, and strong collaboration with both technical and non-technical teams.

Our product helps caregivers in the private healthcare sector work efficiently with their administration, and we integrate with many actors such as Inera, E-hälsomyndigheten, and several private actors. Experience working within healthcare, compliance, or highly regulated environments is very valuable to us.

In this role, you will define, implement, and continuously improve the organization’s security strategy and roadmap while ensuring that security is embedded throughout the organization.

You will work closely with engineering, infrastructure, and product teams to integrate security into development and operational processes, while also leading the design and implementation of security architecture and controls across systems and infrastructure.

Part of the role is being hands-on in implementing security tools, automation, and practical security solutions, while also supporting teams with guidance and best practices. It's important that you are up to date with latest trends in AI; both how we should meet the increased threats and how we should use AI as a tool to be more efficient in handling existing potential vulnerabilities.

You will lead incident response processes and continuously improve readiness and routines through testing and follow-up. Risk assessments, penetration testing, vulnerability management, and remediation strategies will be an important part of the role, including ensuring that identified vulnerabilities are prioritized, followed up on, and resolved across systems and applications.

Another key responsibility is ensuring compliance with frameworks and regulations such as ISO27001, GDPR, SOC2, and NIS2, as well as supporting and guiding audits and other compliance activities.

We also see you taking an active role in establishing and maintaining security policies, standards, and best practices across the organization, while continuously evaluating and improving security processes, tools, and methodologies.

Together with the Head of Infrastructure and other stakeholders, you will help align security and infrastructure strategies and ensure security is integrated into all parts of the organization.

You enjoy sharing knowledge and driving competence development initiatives related to security awareness and secure development practices.

We believe you are comfortable communicating security risks, priorities, and progress clearly to both technical teams and leadership.

You have experience working with legacy systems and modernizing environments while ensuring long-term maintainability and security.

As a manager at Carasent, you are expected to lead the team in accordance with the Carasent Leadership Promise, hire and onboard new employees, establish goals and development plans, and support, coach, mentor, and give feedback to team members.

We believe you have strong experience from security leadership roles and a deep understanding of application security, infrastructure security, cloud environments, incident response, vulnerability management, and risk assessment.

You have hands-on experience with security tools, automation, and scripting, and you are comfortable balancing strategic security work with practical implementation.

Strong verbal and written communication skills (Swedish and English) are important in this role, as you will collaborate across teams and present security concepts to both technical and non-technical stakeholders.

We spend 2–5 days a week at the office depending on what’s needed.

We have a great benefits package.

Are you up for the challenge?

About Carasent

Anchored in the vision of enabling future care, Carasent provides healthcare organisations with a seamless ecosystem of integrated solutions that significantly reduce administrative burdens and improve patient engagement and healthcare delivery.

Through its wide portfolio of products and services, such as cloud-based electronic health record systems, tools for electronic patient communication and virtual visits, business intelligence solutions, and numerous existing partner integrations, Carasent offers the most flexible clinical business support available in the Nordic market today.

Carasent has offices in Sweden and Norway with customers ranging from primary care to secondary care to occupational health and rehabilitation, primarily in the private sector.