Area

We are looking for a colleague to take on a leadership role within the Technology Risk Assessments and Controls (TRAC) team, which is part of Security, Resiliency and Controls – a unit working to keep Danske Bank safe from IT and cyber threats.

The TRAC team provides risk and control identification and assessment services to the bank in compliance with its IT and cyber security control frameworks. It additionally supports service owners within the business to maintain and administer their risks and controls, as well as providing management reporting information to key stakeholders and at important forums such as Risk Councils and IT Tribes meetings.

From a functional perspective, we are seeking a leader who can manage and support around 25 colleagues who execute technology risk assessments across Lithuania, Denmark and India.

The ideal candidate has a customer-centric approach and experience leading high-performing teams operating in an Agile manner. They have a strong grasp of industry good practice and an instinct for how to improve processes to achieve it – and they have the drive to lead a team to regularly exceed expectations in the process of achieving those goals.

Mission

• Lead a team of technology risk assessors who identify, assess and support service owners to register technology risks in line with Group policies and instructions and in line with industry practice
• Partner with teams across all lines of defence to monitor and manage technology risk to keep it within risk appetite
• Become a trusted partner to consult on technology risk management for both business and IT stakeholders
• Work to improve and refine the technology risk assessment process
• Support the development and refreshing of the service roadmap, team budget and headcount requirements, service metrics, etc
• Motivate and empower the service team to achieve their objectives and proactively address obstacles to the team’s work
• Contribute to team members’ professional and personal skills, including setting up personal development plans, identifying development areas, arranging professional training and providing feedback on a regular and ongoing basis

Skills

• 5+ years of professional experience in technology risk or cyber/information security
• 2+ years of professional experience in a leadership role
• Experienced in GRC (Governance, Risk and Compliance) processes and practices
• Service management experience (service strategy, roadmap, TOM, KPI/KRI, forecast, workforce planning, etc.)
• Familiar with security frameworks (e.g., ISF Standard of Good Practice, NIST CSF, ISO 27001, PCI DSS, PSD2 or similar)
• Good understanding of both qualitative and quantitative risk assessment methods
• GRC tools experience (e.g., ServiceNOW GRC, MetricStream, RSA Archer, etc.)
• Advanced English language skills
• Great soft skills and ability to handle tight schedules

Will consider as a bonus:

• IT-related academic background (university-level degree in Information Systems, Information and Communications Technology, etc.)
• Professional IT certification (e.g., CISSP, CRISC, ISO 27001 Lead Implementer, ITIL, COBIT, etc.)
• Audit certification (ACA, ACCA, CPA, etc.) obtained alongside IT-focused work

We offer:

We will ensure that exact salary offered for you will be based on your qualifications, competencies, professional experience and requirements for the corresponding job function (salary range from 4720 EUR to 7080 EUR gross EUR/monthly).

Your title in job contract will be Leader of Team.

Yancey Westerfield