St1 Biokraft is a joint venture between St1, HitecVision, and Aneo—combining deep industrial expertise and resources to accelerate the energy transition through biogas and biomethane. Our ambition is to become the leading integrated biogas player in the Nordics and a trusted partner for customers seeking scalable, low-carbon energy solutions. We cover the entire value chain—from feedstock sourcing to production, distribution, and end-user sales—and have set ambitious targets: 3 TWh of biomethane production and 6 TWh of biomethane sales by 2030. 

To reach these goals, we are investing more than EUR 1 billion across the Nordics. Several major growth projects are underway, and our digital and operational footprint is expanding rapidly. In this context, cyber security and information security are not support functions—they are business-critical capabilities that enable safe growth, resilience, and trust. 

Chief Information Security Officer (CISO), St1 Biokraft AB, Stockholm 

As our Chief Information Security Officer (CISO), you will be responsible for developing and expanding St1 Biokraft’s security function, establishing robust governance frameworks, enhancing operational resilience, and integrating security into every aspect of our business operations and growth. This position requires comprehensive leadership encompassing strategic planning, risk management, and effective execution. 

You will collaborate with our CIO, IT, OT and business stakeholders in the Nordics, and external partners. Your main tasks are to set direction and deliver clear, fast improvements. The position is located at WTC in Stockholm. 

Your Key Responsibilities 

• Establish and execute the information security strategy, governance framework, policies, and security roadmap, ensuring alignment with organisational growth objectives and risk tolerance. 

• Establish and lead security risk management, including risk and vulnerability assessments, prioritisation, and follow-up.

• Develop and sustain comprehensive incident preparedness and response capabilities—including detection, escalation, crisis communication, and recovery—in collaboration with a SOC/NOC partner.  

• Enhance security measures and boost operational resilience in areas such as identity and access management, network protection, endpoint security, monitoring and logging, and vulnerability management, working together with IT teams and partners.

• Maintain compliance and audit readiness with applicable laws, regulations, and standards (e.g., NIS2, GDPR, and security frameworks). 

• Oversee third-party and supply chain security, including requirements, due diligence, contracts, and ongoing monitoring.

• Promote security awareness and culture through focused training, clear leadership messaging, and straightforward guidance.

• Act as a trusted adviser to management and key stakeholders—delivering decision-grade materials and recommendations that balance risk, speed, and value.

• Continuously monitor the threat landscape and translate evolving threats into practical mitigations and priorities. 

Your Profile 

• Relevant academic background in IT, information security, engineering, or law (or equivalent competence gained through experience). 

• 10+ years of experience in information security, cybersecurity, risk management, or closely related domains—ideally from complex and/or regulated environments. 

• Strong knowledge of security frameworks such as ISO 27001, NIST, and CIS (or similar), with a proven ability to translate them into working controls and measurable outcomes. 

• Experience leading incident management and strengthening security operations in collaboration with internal teams and external providers. 

• Strong stakeholder management skills: you communicate with clarity and credibility—from technical teams to senior leadership. 

• High integrity, good judgement, and the ability to make fast, fact-based decisions in a scaling environment. 

• Certifications such as CISSP, CISM are considered a plus. 

• Fluency in Swedish and English, written and spoken. 

Our Cornerstones  

At St1 Biokraft, we are one team with one dream, working towards one result: 

• Be Collaborative – we support each other, share knowledge, and succeed together across sites, functions, and countries. 

• Be Open – we are curious, transparent, and eager to learn, embracing change and honest, constructive dialogue. 

• Be Commercial – we think and act like entrepreneurs, making fast, fact-based decisions that balance risk and reward and drive sustainable growth. 

• Be the Expert – we take ownership, stay close to our operations, and continuously build capabilities to deliver high quality in everything we do. 

What We Offer 

Joining St1 Biokraft means taking a front-row seat at one of the Nordics’ fastest-growing energy companies. As CISO, you will step into a true build-and-scale role, shaping security from the ground up—setting direction, building resilience, and making a visible impact on how we protect our people, operations, and growth journey. 

You will work closely with senior leadership, influence priorities, and help build a security capability that enables the business—without slowing it down. 

Practicalities 

• Location: Stockholm  

• Start: As soon as possible 

Ready to Join Us? 

Are you ready to build a modern security capability that enables a billion-euro growth journey—and helps protect a company at the heart of the energy transition? Apply now. Please subscribe via our recruitment system (for data security reasons, we cannot accept applications by e-mail). For questions about the role, please contact Pernilla Borgström at +46 734-159855 or pernilla.borgstrom@st1biokraft.com. 

Please note that we have chosen to manage this recruitment ourselves and kindly ask that recruitment agencies refrain from contacting us.