Chief Specialist in Technology Risk



We are expanding and strengthening the development of the Security and IT Risk Management discipline within the second line of defense (“2LoD”) function, a key component of this is the building of the procedures and processes. Would you like to join us in a domain lead role on the journey towards becoming a better bank?

You will drive the Security and IT Risk management domain within Group Non-Financial Risk (2LoD), which has been recently established and therefore provides a wealth of opportunity to shape the future of this domain within 2LoD.

Our work focus is on 2nd line risk management responsibilities. We aim to meet the requirements from our customers, society and live up to regulatory requirements. By establishing a strong risk culture, we create trust, maintain integrity and lay the foundation to become the customers’ preferred financial partner.

Your role is an integrated part of Group Non-Financial Risk (GNFR). In GNFR, we ensure alignment and consistency within risk frameworks and policies. As a financial institution in a dynamic environment, we face a range of both external and internal risks. Being compliant and managing risk is our core business.


You will enter a role, where you hold the responsibility for driving the embedment of Security Policy and IT Risk management Policy from a second line of defense perspective.

  • Implementation and maintenance of the Group Security and IT risk management policies and approach including formalised risk reporting
  • Implementation and embedding of the Bank’s Security and IT risk management policies, monitoring the implementation of and adherence to these policies
  • Manage and oversee the successful delivery of security and IT risk and governance projects from a second line of defense perspective.
  • Work in close collaboration with technology operations, security, privacy, compliance risk and legal teams
  • Support and advise other business units and risk functions on controls, risk and governance practices concerning Information Security and IT risks management
  • Review the design and operational effectiveness of key IT and security controls
  • Evaluate the IT risk-register and benchmarking the risk management practices
  • Challenge the set-up and ensure continuous improvements of our IT governance framework
  • Improving the risk practices in the bank by challenging the way of working


It will be vital for your success, that you understand the whole Information security, cyber security and IT risk management including technological principles and methodology, processes as well as the roles and responsibility of 1st, 2nd and 3rd line.

Your background:

  • Relevant university degree or equivalent, e.g. within Security and Technology domains
  • Information Security and IT risk management experience from a large international organisation (e.g. big four consultancy firms)
  • 7+ years experience in similar leadership role. Alternatively a relevant role providing you with solid understanding and insights.
  • Fluency in English, both spoken and written
  • Relevant certification, such as any one of these: CISSP, CISM, CRISC

We offer:

We will ensure that exact salary offered for you will be based on your qualifications, competencies, professional experience and requirements for the corresponding job function (salary range from 3760 EUR to 5640 EUR gross EUR/monthly).

We care about your well-being and work-life balance, so we offer a whole package of benefits for you in addition! Check this out

Your title in job contract will be Specialist, Risk - Chief.

Tanja Ulevik Vestergaard