GRC & NIS2 Specialist – External Supply
Location: Denmark
Company: Novo Nordisk
Application deadline: 01 June 2025
Are you passionate about Governance, Risk and Compliance (GRC) and NIS2?
Join Novo Nordisk in a meaningful and challenging role within External Supply (ES) – the team responsible for managing our global production supply chain. This position is pivotal in ensuring the implementation of EU NIS2 requirements across our supplier network. We unite experts in Risk Management, Information Security, Contracts, and Legal to manage supplier relationships and secure compliance and resilience in our supply chain.
Bring your GRC expertise and cybersecurity mindset to help us meet regulatory requirements and ensure stable supply. Apply today and be part of a life-changing journey.
About the Role
You’ll join the ES IT, Data & Digital team, which is accountable for IT Risk and Information Security across External Supply. We work cross-functionally to define, implement, and follow up on security measures with suppliers and contract manufacturers.
Your responsibilities will include:
- Anchoring and evolving NIS2-related processes
- Establishing a cybersecurity risk model for direct spend suppliers
- Performing Information Security assessments with external partners
- Acting as a subject matter expert in contract negotiations and IT security audits
- Maintaining a status overview of, and reporting on, information security
- Managing supplier-related incidents and follow-up
- Educating sourcing staff on NIS2 and cybersecurity awareness
Qualifications
To succeed in this role, you bring:
- A Bachelor’s degree or higher in a relevant field
- 5+ years of experience in Governance, Risk, and Compliance
- Strong knowledge of, or interest in, Information Security
- Advantageous: familiarity with NIS2, security certifications (e.g. ISO 27001, CISSP, CISM)
- Advantageous: experience in contract management or negotiations
- Excellent communication skills and fluency in written and spoken English
We’re looking for someone who thrives in both collaborative and independent work settings, who is structured, proactive, and great at stakeholder engagement. You apply your knowledge to business problems and are always open to learning and evolving.
About the Department
You’ll be part of the IT Security & Compliance team within our ES IT, Data & Digital organization. The team drives digital strategy, compliance, and innovation to support Novo Nordisk’s continued growth and operational excellence.
Working at Novo Nordisk
At Novo Nordisk, we are committed to innovation, sustainability, and inclusive growth. We aim to be the best company for the world, not just the best in the world – and we know that starts with diverse, talented people working together.
How to Apply
- Submit your application by 01 June 2025
- No cover letter required – just include a few lines about your motivation in your CV or resume
- Please do not include a photo in your CV
- For questions, contact Morten Barfoed at mokb@novonordisk.com
Equal Opportunity Employer
We are committed to an inclusive recruitment process and equal opportunity for all applicants. Diversity is not just a value – it’s an essential part of who we are and the impact we create.
Together, we’re life-changing.