Security & GRC Specialist

Security & GRC Specialist

Are you an experienced Information Security & Governance, Risk and Compliance (GRC) specialist? And do you want a dynamic and exciting role within a green company in rapid growth? Then maybe you are our new Security & GRC Specialist.

[xxxxx] is a green company that develops, constructs, and operates projects within solar- (PV) and wind farms globally, as well as Power-to-X. [xxxxx] is increasingly reliant upon data and systems as drivers for our global business model, making information and cyber security essential.

Our core values are the foundation of everything we do: In it together, Trust and courage, Ambition, Excitement, Inclusion, and Agility.

Your new role

As our new Security & GRC Specialist you will play a significant role in developing the Group Information Security and Compliance function in [xxxxx]. One of this function's key ambitions is to ensure we are aligned with applicable directives and laws (such as NIS2), in countries where EE Group operates.

You will be trusted with tasks such as

• Establishing and maturing our Information Security Management System
• Mapping multiple standards/schemes/requirements to the ISMS controls, including ISO 27001, CIS18; IEC62443
• Supporting our general information and cyber security maturity journey globally
• Conducting internal auditing of security controls and support for country-specific local audits.
• Conducting various types of external and supply chain audits
• Conducting security risk assessments

This role allows for a lot of autonomy and the driving forward of various complex tasks and both short and long-term projects. We expect that you will ensure that the ISMS is a reliable source of actionable Management Information regarding our risk profile, current control landscape and maturity levels, to enable decision-making of executive management.

You will be reporting to the Head of Information Security with whom you will closely collaborate on most activities. Besides being part of the great Group IT team, you will work closely with most departments in the company on a joint mission to continuously improve our ISMS and Information Security controls.

A typical day for you 

• Support the business with the identification, registering and managing of risks (and identifying suitable risk owners), creating an overview of risks and security controls and enabling reporting of organizational information security risks to executive management and board.
• Supporting departments in implementing and maintaining best practice controls via follow-ups, reviews and projects.
• Provide guidance and training to colleagues and business units on information security compliance requirements.
• Continually develop and enhance your skills and knowledge, to ensure the ISMS stays relevant and accurate.

You have:

• 2+ years of experience from a similar role within Information Security/Governance, Risk or Compliance.
• Education at minimum Bachelor level within a relevant study would be preferred (e.g. IT, IT Security, Risk Management, fx Cand.Merc.IT, Cand.IT, Information Management, Cand.Merc.AUD)
• Experience with IT auditing (e.g. ISO 27001, CIS18; NIST). Experience with Operational Security (OT) auditing is not required but would be an advantage.
• Familiarity with risk assessment methodologies as well as Cyber Security regulations (NIS, NIS2).
• Experience with using Security risk management tools or managing an ISMS in excel.
• Strong written/digital communication skills and Strong skills in Microsoft Office Suite.
• Full professional proficiency in English. (Danish and German would be a plus).

As a person, you have strong stakeholder management skills, as the daily tasks involve cross-functional and cross-cultural collaboration. You enjoy being a boundary spanner and working with other teams and external business partners. You’re excited to take part in a maturity journey, where you get to be a big part of establishing the information security organization.

It would be an advantage if you have experience of the Renewable Energy sector, as well as an understanding of industrial / operational security, but this is not a requirement.

With us you get

• A chance to use and grow your skills in an ambitious environment
• You will be part of an exponential growth adventure. [xxxxx] is an international renewable energy company and we have welcomed approx. 280 new colleagues in 2023
• You will have ample opportunity to engage socially across the departments. We have a monthly Friday event, a free gym in the basement, a squash court, as well as sports events such as running club, football club, and mountain bike
• We have free parking in front of the office

The Company

[xxxxx] is a Danish privately owned company founded in 2004. We are with all the way from development, construction, operation, and selling of wind- and photovoltaic (PV) farms on land as well as on sea globally. Further, we work with the development of future energy solutions, e.g. Power-to-X. We have a solid collaboration with local stakeholders and want to involve all parts of the process.

We now have more than 750 employees with 43 nationalities represented in 23 countries. We all work for our common goal to be the most innovative company within the green transition and to create The Power of Tomorrow, Today.

Apply now!

Workplace: Søborg, Copenhagen

Manager: Marie Borbye Corini, Senior Manager, Head of Information Security

Apply: Send your CV including your motivation for the job via the link to the right. We invite for conversations continuously, so please send your application as soon as possible.

Contact Person: Talent Acquisition Specialist, Mette Sommerlund Thomsen, [xxxxx]

Our working environment is built on mutual respect for the varied strengths and talents of our employees, with a flat hierarchy and entrepreneurial thinking at its foundation. Our employees value our flexible working culture, permitting better reconciliation of work and personal life. We are a team, whether it is in the workplace, on our company trips or during our weekly company training sessions. At [xxxxx], you will not only gain great colleagues, but also new friends from every corner of the globe.