Blykalla is building advanced nuclear technology, and that requires information and cyber security that works in practice. We are now looking for an Information Security Officer who will take responsibility for how information security is shaped, implemented, and used across the organisation.
The role sits with the COO in the Operational Excellence team and focuses on cyber security, the digital workspace, collaboration tools, cloud environments, and product-related information flows. The task is to ensure that information security enables efficient work while meeting export control, regulatory, and national security requirements.
Blykalla is developing the next generation of nuclear technology with our Small Modular Reactor (SMR) based on innovative fuel, materials, and reactor designs. As Sweden’s only SMR developer, we are on a mission to decarbonize industries and enable safe, scalable, and sustainable energy solutions. Our technology uses uranium nitride fuel and lead coolant, creating novel challenges and opportunities for the fuel cycle and supporting systems.
Set and improve information and cyber security in daily operations
Take overall responsibility for how information security is implemented across our digital workspace and product-related information, with a strong focus on cyber security in practice.
Stay closely connected to systems and workflows to understand practical constraints and risks, while working through IT and engineering teams for implementation.
Maintain and evolve the organisation’s information security and privacy framework so that it reflects operational reality and fulfil regulatory requirements and business needs.
Translate regulatory and export control requirements into workable security
Turn export control, data protection, and other regulatory requirements into clear, actionable security rules and technical guardrails for everyday work.
Ensure compliance with applicable Swedish and EU regulations, including the Network and Information Security Directive (NIS2), through practical and proportionate measures.
Prepare for and support external audits, regulatory reviews, and assurance activities related to information security standards.
Own security risk, incidents, and resilience
Maintain the organisation’s view of information security risk, defining acceptable risk levels, mitigation needs, and escalation paths.
Lead preparedness for and response to information security incidents, including coordination, regulatory interaction where required, and follow-up actions.
Drive continuous improvements in security posture and resilience based on incidents, assessments, and changes in the threat landscape.
Coordinate security across teams, products, and external providers
Act as the main coordination point for information security across engineering, operations, legal, and management.
Set direction for security aspects related to products, platforms, and supporting infrastructure, including PLM, secure development practices, vulnerability handling, and information security across the product lifecycle.
Work with external digital and cloud service providers on security requirements, incidents, and follow-up to ensure external dependencies remain controlled and fit for purpose.
This role suits someone who combines sound judgement with a practical, hands-on understanding of cyber and information security. You are comfortable setting direction and making decisions, but you also enjoy working close to systems and people to ensure that security measures actually work in practice. You understand the need to balance security, regulatory compliance, and operational efficiency in a growing organisation.
Practical experience working with information and cyber security in regulated or security-sensitive environments.
A technical background in IT, cloud infrastructure, or secure system
Experience implementing security controls and ways of working, not just defining policies and frameworks.
Familiarity with regulatory and assurance-driven environments, including export control, data protection, or critical infrastructure regulation.
Experience collaborating with engineering teams, IT, legal functions, and external service providers.
Fluency in English; Swedish is an advantage.
Eligibility to work with sensitive and controlled information in Sweden.
This position is for our office in Stockholm.
Blykalla is on a mission to change the energy future of the world, by providing green, safe, baseload energy through next generation small modular lead-cooled reactors.
Blykalla is a Swedish deep-tech company founded in 2013 by Janne Wallenius, Peter Szakalos and Jesper Ejenstam as a spin-off from the Royal Institute of Technology in Stockholm, where Janne Wallenius carried out research on design and safety analysis on lead-cooled reactor systems since 1996.
We develop and build lead-cooled small modular reactors (SMRs) to deliver safe, scalable and carbon-free baseload power supply. Thanks to lead-cooling, we achieve high safety in a very compact format, allowing for a simple and cost effective design that can be mass produced. Our unique reactor design will provide safe and green baseload energy that is a perfect complement to solar and wind power.
