Senior Technology Risk Specialist

tra #technology Risk trc

The Technology Risk and Controls (TRC) risk management organization drives the institutionalization of Technology Risk Management disciplines in the Group with the objective of providing a transparent view of Danske Banks IT risk posture at any given time.

We are looking for a colleague to join Technology Risk Assessments (TRA) team, under the TRC department. Where we provide Information Technology and Security risk management service. Our objective is to ensure a risk-based approach on new services and technology solutions in accordance with the enterprise risk management framework. We partner with technology and business units on a daily basis and operate in a customer centric service organization structure.

Depending on your knowledge and experience, we may offer a different seniority of this role.

"Join our team and gain access to dedicated training budget and many more benefits."

You will:

  • Be involved in all IT Risk Management lifecycle stages (identification, assessment, response, review, monitoring, retirement, reporting)
  • Facilitate and conduct Technology Risk Assessments workshops with technology and application service owners
  • Design, implement and test technology controls
  • Oversee and administrate Technology Risk Register (ServiceNow)
  • Ensure risk management policies are adhered to
  • Oversee and coordinate third-party risk assessment
  • Prepare reports on technology risk posture for various stakeholders
  • Host events and trainings for service owners, promoting a risk driven culture
  • Be engaging with key stakeholders across the Group

About you:

  • 5 years’ experience in IT Risk Management, IT security, IT risk and control encompassing or equivalent (e.g. IT Risk management, IT Controls management, IT Auditing experience)
  • Working familiarity with the ISF Standard of Good Practice, NIST CSF, ISO27k, PCI DSS or similar
  • IT risk and control assessments (leading and facilitating workshops) experience on services, applications, infrastructure components, etc.
  • Experience in IT Risk treatment decision process (IT Risk mitigation plans)
  • GRC (Governance Risk Compliance) tooling (preferably ServiceNow)
  • Upper-Intermediate level spoken and written English
  • Strong analytical, communication, teamwork and interpersonal skills, resilient to time pressure conditions

We will consider as a bonus:

  • IT related background (experience in system and network design, cloud infrastructure, system administration)
  • Professional security certification (e.g. CISM, CISA, CRISK, ISO 27k1 Lead Implementer, CISSP, ITIL, COBIT, etc.)

We offer:

Monthly salary range from 3440 EUR to 5160 EUR gross (based on your competencies relevant for the job).

Additionally, each Danske Bank employee receives employee benefits package which includes:
    • Growth opportunities: professional & supportive team, e-learnings, numerous development programs; (incl. professional certificates); 100+ professions for internal mobility opportunities.
    • Health & Well-being: a diverse, inclusive, work & life balance work environment; health insurance from the first day of employment; mental well-being practices; partial psychologist counselling compensation; silence and sleep zones at the office; game rooms.
    • Hybrid working conditions: home office budget (after the probation period); modern Danske Campus workplace developed with anthropologist for the best employee experience.
    • Additional days of leave: for rest, health, volunteering, exams in higher education institutions, and other important activities. Moreover, for seniority with Danske Bank.
    • Monetary compensation package: accidents & critical diseases insurance; financial support in case of unfortunate events, travel insurance; IIIrd Pillar Pension Fund contribution.

Canteen services and free fruits

24/7 gym services and group trainings

Health insurance from the first day of employment

Third pillar pension fund

See all the benefits HERE.

Join our team!

Up for a challenge?
Apply or reach out to me if you have any questions.

Pavel Liminovic, Lead of Risk Assessments

Apply via:

Send your CV

If you are interested, please send your CV in English no later than 21.06.2023. Confidentiality guaranteed.

Your title in job contract will be Officer, business risk and controls (IT information risk analyst), senior.