Chief IT, Security Risk Specialist

Job Description
Are you prepared to drive innovation and shape Cloud Risk Management at a leading Nordic bank? Join Danske Bank as a Chief IT, Security Risk Specialist in our Second Line of Defense, where you'll shape how we manage and oversee risks related to Cloud platforms and Generative AI systems across the bank's digital ecosystem.

This role requires a balance of analytical skills, strategic foresight, and the ability to collaborate effectively across diverse teams and stakeholders to develop a culture of risk awareness and compliance across the organization. This is your chance to play a vital role, guiding Danske Bank on its journey towards enhanced operational safety, stringent compliance standards, and Cloud risk management.

The IT, Security, and Data Risk team at Danske Bank operates as part of the second line of defense (2LoD) function, dedicated to ensuring robust IT, security, and data risk management throughout the organization. As a unit in the Non-Financial Risk (NFR) team within Group Risk Management (GRM), our team serves as the oversight body to promote operational alignment and consistency in the application of IT, security and data risk management policies and frameworks within the group's risk tolerance.

We collaborate closely with various stakeholders, including technology operations, business units, security, privacy, cloud risk, compliance risk, and third-party risk management teams. This collaboration ensures a unified approach to managing both internal and external risks in a dynamic financial landscape. Our team's efforts are pivotal in maintaining the bank's integrity, establishing a strong risk culture, and securing Danske Bank's position as the customers' preferred financial partner. By working together, we aim to meet customer expectations, fulfill regulatory requirements, and uphold the highest standards.

"We believe that the most valuable asset is human potential."

You will:

• Provide oversight of IT and security risks, with a focus on Cloud technologies
• Evaluate and challenge first-line risk assessments, control designs, and mitigation strategies to ensure effectiveness and compliance
• Engage and collaborate with stakeholders across Technology, Security, Risk, Compliance, Audit, Legal, and Business units to ensure integrated risk management governance and decision-making
• Monitor and assess emerging technology and cybersecurity risks, contributing to scenario planning, risk reporting, and strategic initiatives
• Offer insights to support regulatory interactions, thematic reviews, testing activities and internal governance forums
• Lead reviews of Cloud initiatives across their lifecycle, offering second-line risk advisory and ensuring effective governance and control implementation
• Oversee the design, implementation, and effectiveness of Cloud controls, providing independent risk opinions and recommending appropriate mitigation measures
• Promote a culture of risk awareness and compliance across the organization through engagement, education, and strategic alignment
• Stay informed on evolving regulatory requirements and industry standards, particularly those impacting cloud technologies, and assess their implications for the organization

About you:

• A minimum of 7 years of experience in IT and security roles, would be beneficial within a second line of defense (2LoD) function or a comparable role with deep exposure to risk oversight and governance (of which 2 years of experience with practical application of cloud risk assessment and control frameworks)
• A university degree or equivalent qualification in technology-related fields
• Solid experience in IT risk management, cybersecurity, or technology governance— would be beneficial within regulated industries such as financial services—with the ability to guide and advise on complex projects or strategic initiatives. (Note: This is a specialist role without HR responsibilities.)
• Strong understanding of Cloud technologies (e.g., AWS, Azure), systems architecture, and security principles, with the ability to assess associated risks
• Experience with Cloud technologies shared responsibility model and their risk implications for various cloud solutions and cloud deployment models (e.g. SaaS, PaaS, IaaS)
• Familiarity with regulatory requirements and industry-standard frameworks such as DORA, Executive Order on Management and Control of Banks, EBA Guidelines, ISF Standard of Good Practice for Information Security (SoGP), COBIT and Cloud specific regulations
• Strong communication and interpersonal skills, with the ability to collaborate effectively across departments and work with stakeholders at all levels
• Relevant professional certifications such as CRISC, CISA, CISM, CCSP, and AWS/ Azure certifications (would be beneficial)
• Advanced English language skills

"Join a forward-thinking team where we champion excellence in IT, security, and data risk management. As a leader deeply invested in innovation and strategic impact, I empower individuals to thrive, collaborate, and shape the future of risk resilience."

We will ensure that the salary offered to you will be based on your qualifications, competencies, professional experience, and requirements for the corresponding job function.

Your title in job contract will be Specialist – Risk, Chief.

If you have any questions or need further information about this exciting opportunity, please do not hesitate to contact:
Rudragouda Patil | LinkedIn
.
About Us
Danske Bank is a Nordic bank with bridges to the world around us. For 150 years, we have supported people and businesses in releasing their potential. A career with us is an opportunity to join a community of 22,000 colleagues in a culture where we are committed to Teaming Up, Owning It and Being Open. Together, we are on a journey to transform Danske Bank into a better bank. For our customers, our employees and the societies around us.