Cybersecurity Engineer in Digital Health IT

• Information Technology & Telecom
• Søborg

Do you want to be part of a new strategic focus area in Novo Nordisk? Are you passionate about technology and turning security into a business enabler? Are you able to translate complex technological challenges into simple solutions for stakeholders to understand and in that way build a relation to become a trusted advisor? And most importantly - can you bring value in our journey with the aim of bringing innovative digital products to patients across the globe, living with chronic diseases? Then we look forward to meeting you!

The position
As a Cybersecurity Engineer, you will act as trusted advisor to provide technical expertise and guidance for all the components that makes up the eco-system of digital solutions. This eco-system consists of front-end components that are in the hand of patients and a range of IOT devices, including connected medical devices, smartphones, Apps and websites.

You will work with cloud and infrastructure projects from a cybersecurity perspective with the aim of helping out achieve our business goals. You will work closely with different stakeholders in both Line of Business, Global IT and in Global Information Security to ensure that advice and guidance aligns with the goals and strategy of Novo Nordisk. You will also provide security guidance to the architecture of the backend cloud-based systems and the integration of these.

To succeed in this position, you should have solid technical experience and a sincere interest in new technologies. In addition to this you are expected to understand the technologies involved in each of the components that makes up a digital solution, and you know how these are integrated.

In the role as Cybersecurity Engineer, you will act as security lead on one or more projects within Digital Health IT and fulfil the role as trusted security advisor to the Project Manager and the Project Team. In collaboration with 3rd party suppliers and the Lead Architect in Digital Health IT, you will be directly responsible for leading and defining the end-to-end product security architecture of the digital solution, and you will be involved in the evolution of the digital solution, from initial ideation to specifications and design. As these digital solutions will evolve over time, you will also provide security guidance for the continuous development of features and functionalities.

The position is based in Søborg, Denmark.

Qualifications
We expect that you have 5+ years of experience in Information Security, Cyber Threat Intelligence and/or offensive security practices - if not similar background. You are familiar with IT technical architecture and have a solid understanding of IT security, cloud infrastructure security, and consumer application security, for instance working with smartphones, apps and Bluetooth/NFC connected devices.

You have at least a Bachelor degree within IT, or comparable education. In addition to this, you have relevant certifications such as CISSP, CISM or CISA, or knowledge and experience equivalent to these certifications. You may also possess cloud vendor security certifications for Azure- or AWS cloud services or desire to obtain such.

You might have experience working with public cloud environments and services and/or have a software development background. You might have some experience working with containerization, microservices and serverless computing architectures in a security context, and you may have worked as a security subject matter expert in the field of consumer-based products including smartphone apps and connected devices. This is not a hard requirement as curiosity and willingness to learn is more important.

Experience working in a regulated industry is an advantage as well as experience working with privacy regulation HIPAA/GDPR is useful. Knowledge of the US FDA recognized UL 2900 Cybersecurity standard for medical devices would be a strong attribute. Basic knowledge working with Risk Management standards like ISO14971, 62304, 13484 is also an advantage as you will be driving the security risk assessments for the product.

As a person you are known to be positive and diplomatic. It is easy to be overwhelmed while trying to fend off an ever increasing list of threats, vulnerabilities and attack vectors, but you are able to manage this while keeping your cool and identifying realistic mitigations that can work without breaking budgets and timelines. You have a mindset that allows you to balance security best practices with other considerations from members of your team, whether they are certain business objectives, technical feasibility concerns or patient safety risks.

To succeed, it is crucial that you thrive with working in teams where you can inspire and motivate your stakeholders to take informed decisions. In addition, you must have strong work ethic and willingness to take responsibility to bring the best possible digital solutions to the market and you understand and value that you play an important part in making lives easier for people with diabetes and other chronic diseases. Since you will be working Globally you must expect some meetings to take place outside DK working hours and some travel activity.

Fluency in English (Oral and written) is a prerequisite.

About the department
Digital Health IT work in close collaboration with the Digital Health business unit as well as external partners to bring innovative digital solutions to patients globally, living with diabetes and other chronic diseases.

Digital Health IT is responsible for the IT part of delivering Apps that are directly used by patients as well as the backend services and systems that supports these. The Apps are used for medical purposes and will likely be integrated with connected medical devices such as connected insulin injection pens and connected glucose monitoring devices. Known as “Software as a Medical Device”, these Apps are highly regulated and have strict quality requirements to ensure patient safety.

To succeed with this endeavour, Digital Health IT employs a total of 26 fulltime internal and external colleagues with various backgrounds such as Project Managers, Compliance & Quality experts, Digital Solution Architects, System Managers/DevOps and we have established close relations with 3rd party suppliers and developers, that are accustomed to deliver highly innovative products in this regulated environment.

The department is fairly new and is anchored within Digital Innovation in Global IT. As the name implies, we are continuously moving into new areas, where new and innovative competencies, solutions and perspectives are needed. The Department and colleagues are full of drive and are highly flexible and adaptive in an environment where changes, updates and releases are part of every day.

Working at Novo Nordisk
Novo Nordisk is its people. We know that life is anything but linear, and balancing what is important at different stages of our career is never easy. That’s why we make room for diverse life situations, always putting people first. We value our employees for the unique skills they bring to the table, and we work continuously to bring out the best in them. Working at Novo Nordisk is working toward something bigger than ourselves, and it’s a collective effort. Novo Nordisk relies on the joint potential and collaboration of its more than 40,000 employees. Together, we go further. Together, we’re life changing.

Contact
For further information, please contact Roy Verdiani on +45 3079 4957.

Deadline
November 29th 2020.

#LI-AMS

Millions rely on us
To work for Novo Nordisk you will need the skills, dedication and ambition to change lives for the better for millions of patients living with diabetes and other chronic diseases. In exchange, we offer the chance to be part of a truly global workplace, where passion and engagement are met with opportunities for professional and personal development.