Senior Information Security Architect

at  Novo Nordisk

Senior Information Security Architect
Category: Digital & IT
Location:Bagsværd, Capital Region of Denmark, DK
In Novo Nordisk, we are driving change to defeat serious chronic diseases. A step in that direction is to acquire companies which can help our patients.
Are you passionate about information security, take pride in identifying and addressing potential security risks before malicious attackers can exploit them and want to put these in action within a wide range of companies, then come and join our Mergers & Acquisitions (M&A) team within Global Information Security.

WHAT’S IN IT FOR YOU?

We are seeking an Information Security Architect who would like to engage in due diligence and integration activities. The candidate could have a background as a former pentester and possess a solid understanding of Windows hardening baselines, including CIS benchmarks and Microsoft baseline, as well as Windows Active Directory. Additionally, the candidate should have experience with at least one public cloud platform (Azure/AWS/GCP) and proficiency with the Microsoft E5 suite.

Responsibilities:

• Work closely with a team, consisting of both internal employees and external consultants throughout the due diligence to integration phase.
• Ensure technical assessments are conducted in a timely manner and all findings are addressed or accepted.
• Plan and ensure execution of joint security assessments, including penetration testing, vulnerability assessments, and threat emulation exercises to identify weaknesses and inform defensive strategies.
• Implement defensive controls such as hardening and setting up security tools.
• Take responsibility for sourcing and on-boarding of external consultants.
• Share insights gained from offensive and defensive operations to enhance the collective understanding of threats, vulnerabilities, and effective defensive measures across deals or individual targets.
• Develop in-house technical information security capabilities to safeguard future partnerships, licensing, and acquisitions deals.
• As the number of deal activities can fluctuate, ad hoc activities such as engagement with purple team activities or support security partners within Novo Nordisk, broadening your competencies.

Together with the rest of the Global Information Security team, you act as an information security architect to stakeholders throughout the Novo Nordisk value chain by identifying risk and proactively developing mitigating solutions. At Novo Nordisk, your skills, dedication, and ambition help us change the way we strengthen Novo Nordisk’s information security posture to be ready for future business models. In exchange, we offer you an opportunity to work with extraordinary talent and benefit from a range of professional and personal development possibilities.

• Work closely with a team, consisting of both internal employees and external consultants throughout the due diligence to integration phase.
• Ensure technical assessments are conducted in a timely manner and all findings are addressed or accepted.
• Plan and ensure execution of joint security assessments, including penetration testing, vulnerability assessments, and threat emulation exercises to identify weaknesses and inform defensive strategies.
• Implement defensive controls such as hardening and setting up security tools.
• Take responsibility for sourcing and on-boarding of external consultants.
• Share insights gained from offensive and defensive operations to enhance the collective understanding of threats, vulnerabilities, and effective defensive measures across deals or individual targets.
• Develop in-house technical information security capabilities to safeguard future partnerships, licensing, and acquisitions deals.
• As the number of deal activities can fluctuate, ad hoc activities such as engagement with purple team activities or support security partners within Novo Nordisk, broadening your competencies