Information Security Officer

This position is based either at our headquarter office in Roskilde (Denmark) or friendly Warsaw (Poland) office where you will join our Information Security team, which is part of Risk & Security area. Risk & Security services are crucial for [xxxxx] to deliver on its strategy by being a business enabler, take strong decisions and maintaining customer trust. Risk & Security achieves this by overseeing and monitoring how [xxxxx] manages its risks and how it meets its Information Security Requirements.

The Information Security team supports 1st line in:

• Managing risks and implementing security controls according to [xxxxx]’s control framework
• Validating the effectiveness of internal controls in the 1st line of defense in relation to [xxxxx]’s established Information Security Requirements
• Creating a consolidated risk picture for [xxxxx] and reporting to relevant stakeholders

It is your responsibility as an Information Security Officer to ensure that [xxxxx] is able to deliver secure, stable and compliant solutions to its customers, by ensuring that a sufficient and effective level of information security is upheld in processes and systems. You will be able to achieve this in collaboration with your colleagues in the Information Security team and the rest of [xxxxx].

At [xxxxx], we work in a hybrid remote model, coming into the office on average 3 days a week and working remotely for 2 days. Your direct manager will be Dennis Jensen

Primary task and responsibilities include:

As an Information Security Officer you will work closely with stakeholders across [xxxxx], but primarily 1st line of defense and stakeholders from the two other teams in Risk & Security i.e., IT Risk and Enterprise Risk Management.

Together with colleagues from the Information security team you will ensure that a sufficient and effective level of information security is upheld across projects and systems in [xxxxx].

The Information security team is responsible for the governance of the established Information Security Requirements, which includes a high degree of interaction with all your future colleagues in [xxxxx]. Your role involves supporting your colleagues throughout [xxxxx] on how to implement and interpret the Information Security Requirements, reporting and following up on the control attestations performed. The information security team is also responsible for managing the dispensation process, which includes evaluating any risks that originates from deviations towards the Information Security Requirements.

To succeed in this role, you must be able to understand and convey the established Information Security Requirements, the threat landscape, and applicable regulatory requirements to both technical- and non-technical colleagues. You will [xxxxx]ome part of a department passionate about its work and role in ensuring the critical financial sector, a ‘can do mindset’ will get you far.

Your primary tasks and responsibilities will include:

• Evaluating dispensations, which includes risk evaluation and ensuring that sufficient mitigation plans are in place
• Advice project, product- and business process owners in [xxxxx] regarding information security aspects
• Support in the procurement process where security assessments are conducted
• Contribute to the reoccurring deliverables e.g., monthly management reporting, internal and external reporting, and assessments, risk assess dispensation requests etc.
• Maintaining and developing the general governance of [xxxxx]’s Information Security Requirements
• Assisting in maintaining and developing tasks related to the governance of [xxxxx]’s business continuity and crisis management efforts
• Supporting the Outsourcing Compliance team regarding information security aspects in procurement processes and regarding outsourcing work.

To succeed you will have:

Preferably, you hold a bachelor’s, a master’s degree, or similar education with 5+ years of experience from a similar position working with information security.

To us, curiosity and active listening is essential, and at [xxxxx] you'll join a community of helpful, ambitious, and tech-savvy people who love to explore and grow. We ensure that banks can comply with the legislation such as reporting requirements, providing solutions for individual banks as well as the entire community of [xxxxx] banks.

Furthermore, it is expected that you:

• Have experience and/or understanding of IT-infrastructure setup in relation to types of operating systems, cloud security, firewalls, etc.
• Have experience with information security related to people, processes and technologies
• Have knowledge of relevant security related standards and certifications, e.g., ISO27001+2, NIST, PCI-DSS
• Are friendly and possess constructive communication skills, are people focused and a team player contributing to a positive team environment.
• Are self-driven and can manage multiple parallel tasks

With colleagues in teams distributed across Denmark and Poland, you must be fluent in English both in writing and orally

It’s nice-to-have:

• A CISSP, CISM, ISO Lead Implementer, SABSA or similar certification
• Experience with Governance Risk and Compliance modules, preferably in ServiceNow.
• Experience from working with the financial sector and/or a software development organization
• Experience with ServiceNow, JIRA, or similar tools

Be your best self with [xxxxx]’s Benefits!

We offer a diverse range of benefits for our employees. Here are just a few of them.

• Professional development
• Healthy, varied lunch and fruit in the canteen
• Active staff associations: yoga, cycling, gokart, salsa dancing etc.
• Flexible working hours
• Health insurance
• Referral bonus

What does the recruitment process look like?

1. Send us your CV: We want to get to know you
2. Screening call: Let’s chat and see if we’re a match
3. Meet your future manager and team: See who you’ll be working closely with.
4. Personality and cognitive test: Let’s learn more about you.
5. Meet our talent partner and your future manager once more: Get feedback on your test results.
6. Time to sign the contact: We’re ready to welcome and onboard you to [xxxxx]!

Make us aware of your talent

We are an equal opportunities employer. We hire top talent regardless of race, religion, color, national origin, sexual orientation, gender identity, and age. We encourage all qualified candidates to apply. See our full list of vacancies at https://www.[xxxxx].dk/en/vacancies/

If you have any questions related to the position, please contact Information Security Manager Dennis Jensen at Dennis.Jensen@[xxxxx].dk

You can also learn more about [xxxxx] by browsing our company culture book: weare[xxxxx].pdf