Chief Technology Risk and Controls Officer

Are you inspired by working with a variety of stakeholders and providing expert advice on all topics related to the technology risk management lifecycle, from identification and assessment to retirement? Do you possess a strong understanding of both inherent and residual risks within the technology domain, including how controls can effectively strengthen an organisation’s residual risk profile? Are you comfortable facilitating and leading risk assessment workshops and driving critical discussions among technology and application service owners?

If you answered yes to these questions, you might be the perfect candidate to join our team as a new IT Risk and Controls Officer in the Technology Risk Assessments team, part of Security, Resiliency and Control – a unit dedicated to keeping Danske Bank safe and secure from technology risks.

As our new officer, you will be integral to the team that offers technology risk assessment and advisory services across the bank. Functionally, you will manage and conduct technology risk assessments with service owners, our key stakeholders, and consult on a wide range of new and emerging technology risk areas as part of various strategic initiatives.

We offer a position located at our office in Vilnius, Lithuania, with a flexible work schedule and hybrid working options. As a forward-thinking bank, we value diversity, sustainability, and believe in the power of digital transformation. We offer a collaborative environment where you can grow, innovate, and make a meaningful impact.

Security, Resilience, and Controls department, headed by the Chief Security Officer, is an essential part of the technology organisation tasked with protecting our people, our customers, and our assets from harm – a fundamental function of a bank is the protection of customers’ money.

• 5+ years of experience in IT Risk Management, Third Party Risk Management, Outsourcing (Vendor) Management, or similar fields
• Experience in identifying and assessing technology risks and/or designing, implementing, and validating the operating effectiveness of IT general controls, including reporting exceptions and creating mitigation plans
• Working familiarity with IT controls frameworks (e.g., ITIL, COBIT, NIST CSF, ISO27001, PCI DSS, ISF Standard of Good Practice, or similar)
• Knowledge of current and upcoming regulations impacting the financial and technology sectors in the EU (e.g., GDPR, DORA, EBA guidelines on outsourcing arrangements, etc.)
• Knowledge of Governance, Risk, and Compliance (GRC) tooling, especially ServiceNow/SNOW
• Analytical, communication, teamwork, and interpersonal skills
• Approachable, pragmatic, self-starter who is easy to collaborate with others to make things happen
• Upper-Intermediate English language skills

We will consider as a bonus:

• Experience with public speaking and presentations to a variety of technical and non-technical audiences, as well as various seniority levels
• Technical familiarity with applications and infrastructure services commonly found in multi-country/global financial institutions
• Professional certifications related to technology or risk management (for example, CISM, CISA, CRISC, CISSP, ISO 27001 Lead Implementer, ITIL, COBIT)