InfoSec Student in Stockholm or Borås? Join our Security & Governance Team as an Information Security Student Worker and gain hands-on experience in a dynamic, regulated financial services environment.

In this role, you’ll implement and monitor security controls, mitigate risks, and improve internal processes. You’ll work closely with stakeholders to embed best practices, operationalize regulatory requirements, and strengthen our security posture.

This is your chance to develop real-world skills in Information Security, Cybersecurity, and GRC—and play a key role in protecting our organization.

Key Responsibilities

• Controls & assurance: Implement, monitor, and follow up on security controls; track remediation and provide clear status updates.
• Risk management: Support risk assessments for systems, processes, and third parties; document findings and follow through on mitigation actions.
• Policies & standards: Help maintain policies, procedures, and guidelines aligned to frameworks (e.g., ISO/IEC 27001, NIST CSF, CIS Controls) and emerging EU requirements (e.g., DORA/NIS2).
• Audit & evidence: Prepare control evidence, maintain audit‑ready documentation, and assist with internal/external audits.
• Incident readiness: Contribute to playbooks, post‑incident follow‑ups, and improvements to our incident management process.
• Awareness & enablement: Help produce short how‑tos, tips, and training materials that make secure behavior simple for colleagues.
• Metrics & reporting: Maintain dashboards/KPIs (e.g., control coverage, vulnerability remediation, training completion) and summarize insights for stakeholders.
• Continuous improvement: Spot process gaps and propose pragmatic, sustainable fixes.

Qualifications & Previous Experience

You are likely:

• Currently enrolled in a BSc/MSc in Computer Science, Information Security, Information Systems, or a related field.
• Familiar with security fundamentals (CIA triad, identity & access, vulnerability management, secure configuration, logging/monitoring).
• Comfortable with IT/network basics (e.g., TCP/IP, AD/Entra ID/M365 concepts, cloud fundamentals).
• Interested in governance, risk, and compliance and how regulation translates into day‑to‑day controls.
• Clear and structured in your written communication (documentation, procedures, evidence logs).
• Proactive, organized, and detail‑oriented, with a knack for finishing what you start.

 Nice‑to‑have (not required):

• Exposure to ISO 27001 or NIST/CIS controls, or coursework in GRC.
• Basic scripting or automation (e.g., PowerShell, Python) to tidy data or streamline routine checks.
• Experience with Excel/Power BI/Jira/Confluence (or similar) for reporting and tracking.
• English required; Swedish (or another Nordic language) is a plus.

What We Offer

• Real impact, real responsibility: Work on meaningful tasks that strengthen our security posture from day one.
• Mentorship & growth: Learn from experienced security and risk professionals; get feedback, guidance, and support.
• Flexibility around studies: A schedule that adapts to term time and exams.
• Career runway: Build experience that translates directly to junior security/GRC roles after graduation.
• Inclusive culture: A friendly team that values curiosity, reliability, and getting things done.