Product Cybersecurity Officer

Epiroc is a leading productivity partner for the mining, infrastructure and natural resources industries. With cutting-edge technology, Epiroc develops and produces innovative drill rigs, rock excavation and construction equipment, and provides world-class service and consumables. The company was founded in Stockholm, Sweden, and has passionate people supporting and collaborating with customers in more than 150 countries. Learn more at www.epirocgroup.com. We are now looking for a Product Cybersecurity Officer to take on a newly established and strategically important role within Epiroc. This position will oversee product cybersecurity across all divisions and act as the company’s central authority on security matters. Reporting to the VP Innovation and Technology, with a dotted line to the Head of Information Security, you will play a vital part in shaping how Epiroc secures its products today and in the future. Let’s accelerate the transformation. Together. Your mission In this role, you will ensure that every division has the knowledge, tools, and processes needed to develop and maintain secure products. You will contribute both strategically and operationally to make product cybersecurity not only compliant with legal requirements, but also a competitive advantage for Epiroc. To succeed, you will rely on your ability to see the bigger picture, balancing investment decisions, risk appetite, and long‑term business goals. As our Product Cybersecurity Officer, you will lead Epiroc’s CRA (Cyber Resilience Act) Program and represent the company in matters related to product cybersecurity. You will drive group‑wide initiatives by building strong networks, promoting consistent ways of working, and strengthening cybersecurity awareness throughout the organization. You will own the overall governance for product cybersecurity (PCMS), including lifecycle processes, procedures, and risk management frameworks. Your work will also involve establishing, coordinating or actively participating in the Product Security Incident Response Team, where you will support incident analysis, decision‑making, and internal and external communication. A key aspect of the role is to define general requirements for cybersecure product development, sourcing, and manufacturing. You will also be responsible for establishing effective security‑incident monitoring practices and communication channels, as well as creating training strategies that support the full product security lifecycle. Collaboration is at the heart of this position, and you will work closely with colleagues across functions, as well as with legal and compliance teams, to ensure alignment with regulatory standards and business priorities. Location and other The position can be based in either Stockholm or Örebro. Occasional travel is required. We can offer a hybrid workplace - a way of working that provides flexibility and promotes a healthier balance between professional and personal life. Application and contact information We encourage you to submit your application through our online career site as soon as possible, but no later than February 5, 2026.  For questions about the position, please contact: Per Roos, Vice President Innovation & Technology, per.roos@epiroc.com Maria Tedsjö, Recruitment specialist, maria.tedsjo@external.epiroc.com. Your profile You have a University degree in Computer Science, IT, or a similar field, along with experience in product portfolio management and software engineering. You bring curiosity and some hands‑on understanding of cybersecurity, together with experience in incident handling and communication. It is an advantage if you have worked with cybersecurity standards or frameworks such as IEC 62443, ISO 27001 or EN 18031 or hold certifications like CISSP, CISM or OCSP. Experience with vulnerability scanning tools, penetration testing or leading large cross‑functional initiatives is also beneficial. We value individuals who are eager to learn, who communicate clearly and openly, and who thrive in environments where collaboration and long‑term thinking matter. Even if you don’t meet every requirement, we encourage you to apply - your perspective, motivation, and willingness to grow are just as important.