Cyber Audit Specialist

Digital Solutions & Development > Digital Solutions > Governance, Risk & Compliance

You will become a part of the GRC Office of the CISO, a centrally placed team, striving always to protect Operational Technologies, Vestas's Information Technologies, Information Assets, as well as Intellectual Property Rights.

This team is a multi-cultural and international team that manages defined security and risk practices, all established to deliver important and related capabilities. Vestas is organized in a matrix-organization, and you should expect a broad set of international stakeholders with whom you continuously will collaborate with.

Responsibilities

As a Cyber Audit Specialist, you play an important part to Vestas Cyber Security and Risk practices, as well as the commitments towards customers and partners. As a team, we nurture a strong mix of appropriate competencies and personalities and we believe for all individuals to be equally important for us to succeed on our mission.
We consider this position to hold and carry out the following responsibilities:

• To provide continuous improvement towards the corporate security and risk governance through audits. This governance is vital for Vestas and enables for the matrix-organization to have an effective and efficient management of security and risk practices.
• To provide active security risk assessments.
• This facilitation supports many entities in Vestas managing its risk responsibilities as laid out in Vestas's Enterprise Risk Management policy.
• To provide continuous measurement of security requirements.
• These measurements enable for management to be aware of the adherence towards regulatory, contractual, or internally defined security requirements.
• Upon continuous request from the organization, to provide your expertise on security and risk practices.
• Being a specialist within security and risk practices, you must expect to be responsible to provide various expertise across e.g., Audit Management, Security Inquiries.
• To uphold an understanding of the relevant security and control frameworks.
• Being a specialist within security and risk practices, you are expected and responsible to remain relevant knowledge and understand of various and recognized security and control frameworks e.g., NIST CSF, NIST 800-53, NIST 800-82, IEC 62443, ISO270XX, ISO277XX, ISO31000.

Qualifications

To be considered for this position, you hold a relevant audit education, audit certification(s) and experience from similar positions, preferable within the energy industry.

• A good understanding of and experience with Corporate Security Governance.
• A good understanding of and experience with Operational Risk Management standards.
• A good understanding of and experience with Security Compliance.
• A good understanding of and experience with Security and Control Frameworks.
• A good understanding of and experience with Operational and Information Technology Infrastructure and Applications.
• Not a qualification, but still preferred, an understanding of quantification of cyber security risks.

Competencies

• A selfdriven person that has a high-level of empathy and is recognized as a good and likeable team-oriented person.
• A solid set of interpersonal communication competencies and is recognized as a trusted liaison to your stakeholders.
• A good business acumen that allows you to zoom in at the details, as well as to make the connections towards the company's strategy and aspirations.
• An openminded and curious personality with good communication skills combined with a proactive and problem-solving approach to getting the tasks done.
• A broadminded and diverse approach to people, cultures etc.
  

What we offer

• You will be a part of a company who are true ambassadors of its four values: Simplicity, Collaboration, Accountability, and Passion. In Vestas we strive to be the best at what we do, therefore we have a strong vision: The Global Leader in Sustainable in Energy Solutions.
• We offer a lot more than just the number part of the employment. We also know without doing so, we cannot attract and retain the cyber talents required to do the tasks at hand.
• We welcome you to a team of specialists where everyone is equally important for us to succeed, for us to have an appropriate security posture and cyber risk exposure.
  

Additional information

• This role can either be based in Aarhus or Copenhagen, Denmark.
• We do amend or withdraw our jobs and reserve the right to do so at any time, including prior to the advertised closing date. Please be advised to apply on or before 5th April 2023.
• For further information please contact Ravi Bedadi, Senior Recruiter.

About Vestas
Vestas is the energy industry’s global partner on sustainable energy solutions. We are specialised in designing, manufacturing, installing, and servicing wind turbines, both onshore and offshore.
Across the globe, we have installed more wind power than anyone else. We consider ourselves pioneers within the industry, as we continuously aim to design new solutions and technologies to create a more sustainable future for all of us. With more than 145 GW of wind power installed worldwide and 40+ years of experience in wind energy, we have an unmatched track record demonstrating our expertise within the field.
With 29,000 employees globally, we are a diverse team united by a common goal: to power the solution – today, tomorrow, and far into the future.
Vestas promotes a diverse workforce which embraces all social identities and is free of any discrimination. We commit to create and sustain an environment that acknowledges and harvests different experiences, skills, and perspectives. We also aim to give everyone equal access to opportunity.
To learn more about our company and life at Vestas, we invite you to visit our website at www.vestas.com and follow us on our social media channels. We also encourage you to join our Talent Universe to receive notifications on new and relevant postings.