Security & Compliance Officer in Nordic RCC

Do you want to take part in driving the green energy transition in Europe towards a fully carbon-neutral, sustainable energy system? Are you a developer who is curious, open-minded, proactive and enjoys working in an explorative and collaborative way? Do you want to work together with engineers, IT experts and data scientists trying to find the secrets hidden in the vast amounts of data related to our services? Please join us making a difference.

We are looking for an experienced Security & Compliance Officer to join our Security, Risk & Compliance Department (SRC). Are you the one we are looking for?

Join Nordic RCC, a fast-developing company providing regional power system planning data and security analysis to support the national Transmission System Operators of Finland, Norway, Sweden and Denmark to ensure the efficient operation of the Nordic Power System and high security of power supply at any time.

Job description

Security:

• Support and maintain information security policy, employee guidelines and awareness training.
• Drive and facilitate information security risk assessments.
• Requirement outlook, break down and implementation.
• Implementation of NIS 2, Network code on Cyber Security and ENTSO-E security standards.
• Develop and support information security reporting and KPI’s.

Compliance:

• Prepare, coordinate, and drive mandatory audits of IT, information security and risk management.
• Build close and strong relation to Nordic RCC’s external auditors.
• Report audit results to the organization, Board of Directors, and assure departments mitigation of deviations and risks.
• Train and prepare the organization for auditing of controls, delivery of evidence etc.
• Drive, facilitate and quality assure self-assessments issued by Nordic and European authorities.
• Follow and contribute to the European compliance roadmap developed by ENTSO-E.

The tasks will develop and evolve over time, and you will work together with the Chief Information Security Officer and the SRC Team to structure the role, so it fits your profile and career development.

Required skills and experience

The ideal candidates will most likely have:

• A master’s degree in computer science, Law, IT, Business Administration or Economics.
• At least five years of experience in information security management.
• At least five years experience in compliance management and internal controls with a particular focus on information security.
• Experience with internal and external stakeholder management, independent reporting, dialogue with authorities and regulators.
• Experience with frameworks and standards such as ISO 27001/2, CIS18, NIST CSF, ISO 27005, ISAE 3402 and similar.
• Passed certifications such as CRISK, CISA, CIA, CISM, CISSP, ESL, or you are planning to certify as a part of your career path.

Additionally, you have:

• The capability to work in a dynamic environment with many and ongoing deadlines with a high professional or personal integrity.
• A proactive and explorative mindset.
• A willingness to challenge the status quo and explore new approaches.
• Strong teamwork, problem-solving and communication skills.
• Knowledge of the Energy sector and power systems is an advantage, but not a requirement.

An international and flexible working environment

You will join a team of competent, diverse and enthusiastic colleagues. We are currently 22 nationalities with more than 30% women (striving to improve this balance) and all ages. You will also at times work in teams with colleagues from the Nordic TSOs, either virtually or physically.

Our values of fellowship, curiosity, respect, and transparency have been defined by all employees. They identify how we behave and shape the way we work together, and we expect you to see yourself in them.

Application deadline and contact information

Please apply online as soon as possible (in English) and no later than August 31 2024. We will be conducting interviews on a continuous basis.

If you have any questions, please contact Thomas Bille Joensen, CISO, Head of Security, Risk & Compliance, tel. +45 3050 2082.

Your daily workplace will be in our office in Copenhagen Towers, Ørestad.

The position requires a governmental security clearance issued by Danish authorities which will be facilitated by Nordic RCC.