Cyber Risk and Governance Manager

This is an exciting opportunity to take a key role in a forward-thinking Cyber Security team, embedded within Corporate IT at the Novo Nordisk Foundation and Novo Holdings. As the Cyber Risk and Governance Manager within the Cyber Security Team, you will play a pivotal role in shaping and driving our organisation’s cyber risk management strategy, safeguarding critical assets, and enhancing the enterprise resilience of both organisations. 

The Position  

You will oversee critical functions across risk management, compliance, awareness, and security frameworks. Your work will ensure the organisation’s security posture remains robust, adaptable, and aligned with regulatory requirements and business goals. 

You will join us on an ambitious and transformative journey to enhance our cyber resilience, ensuring we remain innovative, secure, and prepared to meet the challenges of the future. By driving critical initiatives and collaborating with talented colleagues across diverse areas, you will directly influence our strategic goals and play a pivotal role in shaping a secure and sustainable digital environment. 

In this role your key responsibilities will include: 

Risk Management 

• Review, update, and continuously improve the organisation's risk management process. 

• Conduct thorough risk assessments on third-party vendors, ensuring alignment with security and compliance standards. 

Compliance 

• Develop, update, and review cybersecurity policies and IT rules of conduct to maintain relevance and efficacy. 

• Oversee the implementation of controls and perform internal audits to measure compliance and identify gaps. 
• Establish and maintain processes, procedures, and controls, providing regular oversight and reporting to key stakeholders. 

Awareness and Training 

• Design and execute engaging cybersecurity awareness programs to elevate knowledge and vigilance across the organisation. 

• Oversee the onboarding and periodic review of system managers to ensure compliance with security requirements. 

Security assessments 

• Conduct security risk assessments for ad hoc technology requests impacting limited user groups. 

About You 

We are looking for an experienced colleague who excels in collaboration, thrives in a dynamic environment, and is passionate about driving impactful change. As a Governance and Cyber Risk Manager, you will bring strategic insight, hands-on expertise, and a proactive approach to strengthen our cybersecurity framework and foster organisational resilience. 

You should be results-driven, combining technical expertise with business insights. 

Qualifications and experience 

• Extensive experience in Governance, Risk, and Compliance in a cybersecurity context, preferably at a senior management level. 

• Deep knowledge of risk management frameworks, compliance standards, and cybersecurity best practices. 

• Strong expertise in developing and implementing cybersecurity policies, controls, and processes. 

• Experience in conducting vendor risk assessments and internal audits. 

• Demonstrated ability to deliver impactful cybersecurity awareness and training initiatives. 

• Familiarity with security risk assessments for SaaS/PaaS solutions and critical systems. 

• Strong communication and stakeholder management skills, with the ability to influence and build consensus across diverse teams. 

• Fluency in English, both oral and written. 

Key competencies 

• Analytical and detail-oriented, with the ability to assess risks and propose actionable solutions. 

• Proactive and adaptable, capable of navigating a dynamic regulatory and threat landscape. 

• Collaborative and people-focused, fostering strong relationships across teams and departments. 

• Clear and concise communicator, able to translate technical concepts into business-relevant language. 

• Ability to communicate across all levels in the organisation. 

• Consistently demonstrates high performance and commitment. 

Application and Information 
For further information, please contact Micha Bangsgaard, Head of Cyber Security, Corporate IT, [email protected]. 

We encourage you to send your application as soon as possible and no later than 2 March 2025. We will screen applicants on a regular basis. 

To apply, please send your CV and cover by clicking the “Apply now” button. 

About our two organisations: 

The Novo Nordisk Foundation 
Established in Denmark in 1924, the Novo Nordisk Foundation is an enterprise foundation with philanthropic objectives. The vision of the Foundation is to improve people’s health and the sustainability of society and the planet. The Foundation’s mission is to progress research and innovation in the prevention and treatment of cardiometabolic and infectious diseases as well as to advance knowledge and solutions to support a green transformation of society.  

In the coming years, the Foundation will broaden its scope and increase its grants for scientific, humanitarian, and social purposes. Consequently, we are a growing organisation, which means new job openings and exciting opportunities for employees to be part of forming the future of the Foundation. 

Novo Holdings A/S 

Novo Holdings is a world-leading life science investor, driven by the purpose of improving people’s health and the sustainability of society and the planet. Since 1999 we have been investing to promote groundbreaking solutions in healthcare and bio-sustainability. We employ more than 180 professionals from various nationalities and backgrounds, all sharing the same goal: To generate attractive long-term returns on the assets of the Novo Nordisk Foundation.