Do you want to take part in driving the green energy transition in Europe towards a fully carbon-neutral, sustainable energy system? Are you a developer who is curious, open-minded, proactive and enjoys working in an explorative and collaborative way? Do you want to work together with engineers, IT experts and data scientists trying to find the secrets hidden in the vast amounts of data related to our services? Please join us making a difference.
We are looking for an experienced Security & Compliance Officer to join our Security, Risk & Compliance Department (SRC). Are you the one we are looking for?
Join Nordic RCC, a fast-developing company providing regional power system planning data and security analysis to support the national Transmission System Operators of Finland, Norway, Sweden and Denmark to ensure the efficient operation of the Nordic Power System and high security of power supply at any time.
The energy sector in Europe is undergoing a dramatic transition towards the fully carbon neutral, sustainable energy system. The Nordic countries have set particularly stretching targets for the transition during this decade. Nordic RCC is an important contributor to the green transition as the provider of regional power system planning data and security analysis to support the national transmission system operators.
You will be part of the department Security, Risk and Compliance (SRC). In addition to you, the SRC-team consists of two employees. SRC has a close collaboration with all departments in Nordic RCC, our Nordic owners and ENTSO-E.
SRC supports the business through Security and Risk Strategies, Policies, assessments, compliance processes and advisory.
You will report to Thomas Bille Joensen, CISO, Head of SRC. You may expect some traveling especially in the Nordic countries.
Job description
As a Security & Compliance Officer, you will collaborate with Business Functions, Projects, IT Development, IT Operations & Infrastructure, External IT auditors, authorities and our suppliers.
Security:
- Support and maintain information security policy, employee guidelines and awareness training.
- Drive and facilitate information security risk assessments.
- Requirement outlook, break down and implementation.
- Implementation of NIS 2, Network code on Cyber Security and ENTSO-E security standards.
- Develop and support information security reporting and KPI’s.
Compliance:
- Prepare, coordinate, and drive mandatory audits of IT, information security and risk management.
- Build close and strong relation to Nordic RCC’s external auditors.
- Report audit results to the organization, Board of Directors, and assure departments mitigation of deviations and risks.
- Train and prepare the organization for auditing of controls, delivery of evidence etc.
- Drive, facilitate and quality assure self-assessments issued by Nordic and European authorities.
- Follow and contribute to the European compliance roadmap developed by ENTSO-E.
The tasks will develop and evolve over time, and you will work together with the Chief Information Security Officer and the SRC Team to structure the role, so it fits your profile and career development.
Required skills and experience
The ideal candidates will most likely have:
- A master’s degree in computer science, Law, IT, Business Administration or Economics.
- At least five years of experience in information security management.
- At least five years of experience in compliance management and internal controls with a particular focus on information security.
- Experience with internal and external stakeholder management, independent reporting, dialogue with authorities and regulators.
- Experience with frameworks and standards such as ISO 27001/2, CIS18, NIST CSF, ISO 27005, ISAE 3402 and similar.
- Passed certifications such as CRISK, CISA, CIA, CISM, CISSP, ESL, or you are planning to certify as a part of your career path.
Additionally, you have:
- The capability to work in a dynamic environment with many and ongoing deadlines with a high professional or personal integrity.
- A proactive and explorative mindset.
- A willingness to challenge the status quo and explore new approaches.
- Strong teamwork, problem-solving and communication skills.
- Knowledge of the Energy sector and power systems is an advantage, but not a requirement.
An international and flexible working environment
Your daily workplace will be in our newly furnished office premises in Copenhagen Towers, Ørestad. We are offering workplace flexibility to ensure a healthy work-life balance, including the possibility for working from home some of your worktime.
You will join a company of competent, diverse and enthusiastic colleagues. You will also at times work in teams with colleagues from the Nordic TSOs, either virtually or physically. We are currently 22 nationalities with more than 30% women (striving to improve this balance) and all ages. Our values of fellowship, curiosity, respect, and transparency have been defined by all employees. They identify how we behave and shape the way we work together, and we expect you to see yourself in them.
Application deadline and contact information
Please apply online as soon as possible (in English) and no later than January 1st 2025. We will be conducting interviews on a continuous basis.
To ensure a fair and unbiased recruitment process, we kindly request that you do not include photographs in your CVs or application materials.
If you have any questions, please contact Thomas Bille Joensen, CISO, Head of Security, Risk & Compliance, tel. +45 3050 2082.
The position requires a governmental security clearance issued by Danish authorities which will be facilitated by Nordic RCC.