Are you ready to take on a key role in securing critical financial infrastructure and work with IT security and compliance at BEC? Would you like to join a community of people with curious mindsets, who are building the financial infrastructure of tomorrow? Then we might have the right opportunity for you.

About the position
BEC’s new chief information security officer (CISO) heads a highly specialized unit whose main task
is to secure critical national financial infrastructure and maintain and develop a strong and effective level of IT security & compliance in BEC. The new CISO will also be part of BEC ambitious new Tech Up strategy.

BEC is seeking a CISO that understands the position of cyber defense as a critical component for our customers and the BEC organization and a person who can define the direction for BEC's IT security strategy framed on a highly risk-based approach. Further, the CISO shall maintain and develop security policies, guidelines, and processes to ensure a strong compliance setup. BEC also focuses much on the leadership of the Security & Compliance team.

With reference to EVP for Infrastructure & Operations René Munk-Nissen and as a member of the Infrastructure & Operations management team, the new CISO thus plays an important role in se-curing both infrastructure and maintain adequate compliance. The BEC CISO is leading the area together with the department manager, who has the responsibility of the team of 14 highly qualified employees with a unique and strong relationship.

BEC is a large IT organization consisting of a total of approx. 1000 employees. IT operations and cyber defense services are outsourced to JN Data A/S, and BEC is further onboarding several cloud solutions.

Primary responsibilities
The new CISO is expected to come with several years of experience and track-record from a similar position, which requires solid knowledge of the financial sector, a passion for keeping abreast of the technical developments in IT security, and the development of the threat picture in general. He/she must also keep abreast of relevant legislation and secure an effective control environment and thus compliance. Further, the CISO is responsible for supporting the organization with respect to security, audit, outsourcing, GDPR, and similar. Security & Compliance also provides GDPR con-sulting and work closely together with BEC DPO.

The CISO has a broad interface throughout the company and within BEC's various business areas as well as key customers. It is important that he / she is good at networking and building relation-ships with relevant parties, stakeholders, and customers.

The new CISO will be continuously exposed to the executive management in BEC and, occasionally, the Board of Directors. It is therefore important that the candidate is experienced and “fluent” in communicating at board level in writing and orally as well as in a business and risk perspective.

The CISO has a dotted line to the CEO implemented through BEC IT Risk & Security Board.

Who are we looking for?
We expect the candidate to have a relevant university degree within IT, security, or similar. Further, we expect the candidate to have relevant certifications like CISSP, CISM, CRISC, CCSP, ESL, CISA, or similar.

The ideal candidate comes with a solid background within IT, a strong track record in cybersecuri-ty/defense and leadership which includes the following professional and personal qualifications:

• Management experience/experience with employee development
• Solid knowledge of cybersecurity, including security in cloud solutions
• Solid knowledge of risk management, risk, and threat analysis and intelligence
• Experience in designing and executing on IT strategy and related implementation plans
• Experience with ISO 27000 series, NIST Cyber Security Framework, and similar relevant frameworks
• Experience with incident response and able to work along with 1st line in case of security inci-dents
• Experience from an outsourced IT environment - both regarding the use of consultants, partner integrations and SaaS / PaaS solutions and nearshoring and related regulation
• Experience with financial authorities and financial regulation as Outsourcing regulation, relevant EBA guidelines and similar
• Experience with it-audit and other types of audits and certifications
• Experience with user-focused awareness

On a personal level:

• Takes responsibility and makes things happen
• Curious, persistent, thrives on tackling challenges and making a difference
• Thrives for best-practices and what-good-looks-like as well as challenging as-is
• Analytical mindset and good problem-solving skills of complex and challenging issues
• Team player with good stakeholder and collaborative skills and skilled to navigate among many stakeholders
• Good to convey complex messages, so they BECome simple and easily understandable
• Outgoing with good networking skills - both internally and externally
• Robust - can handle pressure and short deadlines
• A confident person with integrity, empathy and a positive attitude to life
• Strong communicator and able to convey complexed matters clearly and simply
• Fluent in Danish and English – written as well as oral

Who is BEC?
We are a fintech company with branches in Denmark and Poland. We create financial solutions for approximately 25% of the Danish bank customers. We make it possible for them to check their account online, pay their bills, and transfer money. In other words, everything it takes to run a bank. We are organised in a flat hierarchy, where everybody works together and learn from each other in order to create the strongest possible solutions for the banks, their customers, and the Danish society. You will join a community of people with curious mindsets, who are building the financial infrastructure of tomorrow.

Can you see yourself with us?
Then we look forward to receiving your application and resume as soon as possible and no later than June 30, 2020.