Senior IT Security Specialist
Are you enthusiastic about IT Security and a complex IT landscape? And would you like to be part of a journey aiming at placing Tryg as the best insurance company in the Nordics?
About us | Developing best practices for the future
As an Information Security professional working at Tryg, every day is your chance to make an impact and help shape the future IT setup of a leading Nordic insurance company. We’re looking to take every aspect of our IT setup and solutions to the next level, so all your ideas, ambition, input and experience are welcome and valuable. From agile workflows to best practices in development and choosing which new emerging technologies to bank on, your word matters here.
About the role | Governance and communication
You will be part of the Group IT Security team, which plays a key role in ensuring Information Security across the Tryg Group, from a 2nd line of defense position.
As Senior Infosec Specialist, you combine a strong tactical and strategic outlook and a solid experience in governance and management of information Security with a good understanding of IT security technologies and architecture, technical vulnerabilities and Information Security risks.
You contribute to all the department's core tasks, which include:
• Maintenance and implementation of the Information Security policy and strategic initiatives to strengthen and mature IT security
• Measure infosec maturity, perform risk assessments, and report the results to our major stakeholders
• Oversight tasks, which we carry out through formalized control processes, but also through an active involvement in projects. With help from the rest of the team, you will have a responsibility to develop our ability to perform value-adding control work, by designing and implementing more tool supported controls
• Creating awareness about good Infosec behavior across the organization
You also have an important role in translating the department's oversight activities and advisory into value-adding management reporting. The purpose is to convert a complex landscape of controls, safeguards and operational risks into clear, accurate and fact-based messages to help prioritize and make decisions.
The department consists of 17 highly skilled professionals across Denmark, Norway and Sweden. We work to high standards and put great importance into meeting (or exceeding) expectations, all while fostering an environment where collaboration is celebrated and having fun is encouraged.
We belong organizationally to the IT Department (Business IT & Digitalization), but due to the nature of our work, our stakeholders are the whole Tryg Group, and in particular colleagues in all Business Areas with a heavy dependance on Information Systems.
About you | Strong competencies in IT Security Management Systems
We are open to different backgrounds and experiences, but we hope you have a solid experience and interest in Information Security Management Systems, Information Security strategy development, and knowledge about ISO 27000/01/02, CIS and NIST Cybersecurity Framework. You have a passion to follow both the technical development and the development of current threats and risks.
You bring strong skills one or more of the following areas:
• Infosec governance, infosec strategy-making, infosec policymaking
• ISMS implementation (Information Security Management Systems)
• Ability to communicate infosec messages
• Implementation of awareness programs/initiatives.
• Experience with risk management, particularly infosec risks
• Ability to learn and use tools to support controls and communication (Atlassian suite, Jira and Confluence, compliance tools (e.g. Onetrust)
• Executive management reporting
It's important that you understand that security is there for the business and not the other way around. You are a great facilitator and a strong communicator at all levels in the organization and can explain the value of IT security on a level where everyone can join. We expect you to have a good business understanding. You enable compromises and support collaboration and can clearly communicate in the Tryg Group’s interest. In other words, you know how to convey IT security in a modern, shareholder-owned company.
Curious?
Send your application as soon as possible, but no later than 16th of January as we’ll be conducting interviews continuously.
If you have any questions regarding the role, you are welcome to contact Chief Information Security Officer Frederic Høgsberg Kristensen on frederic.hoegsberg.kristensen@tryg.dk.
Union representatives:
Akademikerföreningen: Lena Darin, +46 70 168 28 44
Forena: Elias Bakk, +46 707 30 68 54
#LI-LH1