IT Security and Compliance Partner
Category: Business Support & Administration
Location: Høje-Taastrup, Capital Region of Denmark, DK
Are you passionate about Governance, Risk and Compliance (GRC) and NIS2?
Novo Nordisk is looking for an experienced professional to join our External Supply area, where we manage supply chain operations vital to production.
This role is key to implementing the EU NIS2 requirements with our direct spend suppliers. You’ll collaborate with experts in risk management, information security, contracts, and legal to secure compliance and manage risks across our supplier network.
This is your chance to shape critical GRC processes and influence information security in the supply chain. Bring your expertise and make an impact.
About the Role
You will join the ES IT, Data & Digital team, which holds overall IT security and risk responsibilities for External Supply. In this role, you will:
- Anchor and evolve NIS2-related processes
- Establish cybersecurity risk models for direct spend suppliers
- Work directly with suppliers and sourcing stakeholders to:
- Conduct Information Security assessments
- Act as the Information Security subject matter expert in contract negotiations
- Participate in IT security audits with CMOs and suppliers
- Ensure oversight and reporting of Information Security status
- Follow up on security incidents with CMOs and suppliers
- Educate Novo Nordisk sourcing staff on NIS2 and information security
You will be part of a small, dedicated team and play a central role in defining and shaping this position.
Qualifications
We expect you to have:
- A bachelor’s degree or higher in a relevant field
- Minimum 5 years of industry experience within Governance, Risk, and Compliance
- Interest and experience in Information Security (NIS2 knowledge and/or relevant certifications are a plus)
- Experience with contracts and negotiation is an advantage
- Proficiency in English, both written and spoken
You are collaborative, but also comfortable working independently. You’re driven by impact, eager to apply your knowledge to solve business challenges, and skilled at stakeholder engagement and coordination.
About the Department
You’ll be part of the IT Security and Compliance team within ES IT, Data & Digital, driving digital solutions that support growth, efficiency, and compliance across Novo Nordisk. We work cross-functionally to ensure digital strategies align with our broader business goals.
Working at Novo Nordisk
At Novo Nordisk, we thrive on innovation, embrace change, and pursue excellence. We work together to make a global impact and continually strive for meaningful progress.
Contact
For more information, please reach out to:
Morten Barfoed, SVP IT Security Responsible
📧 mokb@novonordisk.com
Deadline
🗓 01 June 2025
You don’t need to submit a cover letter, but please include a few lines in your CV explaining why you’re applying. Kindly refrain from including a photo in your application to support a fair and inclusive recruitment process.
Our Commitment
Novo Nordisk is an equal opportunity employer. We are committed to building an inclusive culture that values diversity across all dimensions — including the patients we serve, our employees, and the communities in which we operate.
Together, we’re life-changing.