Is information security and protection part of your DNA? And you would like to develop yourself professionally and personally in a global market leading conglomerate within hearing aids, audio, video and gaming solutions? Then you might be our new colleague.
The team you will be part of is Corporate Risk Governance, part of Corporate Affairs
At our global HQ located in Ballerup, Denmark, you will join our team of 6 collaborative, experienced and dedicated colleagues.
We are all working with GN’s Corporate Risk, Information Security & Data Privacy at a strategic level – translating rules and regulations into internal requirements and policies – for our organization as a whole and for our global products specifically.
Compliance requirements for vulnerability management refer to the adherence to regulatory and industry standards that GN must follow to ensure the security of systems and applications and our customers infrastructure. Many compliance frameworks, such as HIPAA, NIST, ISO 27001 and CMMC require us to implement vulnerability management practices, as well as different laws such as European NIS2 Directive and Cyber Resilience Act.
Your contribution is appreciated, and you will grab a great opportunity and develop this new role
Since this is a new position in the team and in the company, you will be given the opportunity to shape it – if you are less experienced, your engaged colleagues will of course support and encourage you.

The new Vulnerability Program Manager role in the Corporate Risk Governance team would be responsible for:

• Build and implement a vulnerability management program that fits GN’s infrastructure, applications and product security goals and requirements
• Collaborate with and support different areas of the organization (R&D, IT, Legal…) as subject matter expert to establish common and uniform vulnerability management and reporting practices
• Ensure that the identified vulnerabilities are prioritized, handled and reported according to the program and regulatory requirements (e.g. data authorities)
• Collect and manage obligations from contracts regarding vulnerability disclosure to customers

To succeed in the role, we imagine that you

• Higher educational level in Information Security and Cybersecurity or other relevant fields of study or experience
• Software Development experience is a bonus
• Demonstrated experience in vulnerability management
• Understanding of legal and regulatory requirements related to cybersecurity and data protection (ISO 27001, NIST, CIS, NIS2, GDPR…), as well as vulnerability reporting.
• Analytical and problem-solving skills
• Ability to communicate complex security concepts to non-technical stakeholders.
• High proficiency in English in speech and in writing
• Relevant certifications (e.g., CISSP, CISM, CRISC) are a plus

We encourage you to apply
Even if you don’t match all the above-mentioned skills, we will gladly receive your application if you think you have transferrable skills. We highly value a mindset, motivation, and energy, that aligns with our core values, to not only ensure growth for you, but for your team and the wider GN organization as well.
We are committed to an inclusive recruitment process
All applicants with relevant skills will receive equal consideration for employment. Should you have any special requirements for the Interview please let the hiring manager know upon accepting invitation to interview.
How to apply?
Use the ‘APPLY’ link no later than 30 October 2024. Applications are assessed on a continuous basis, so don’t wait to send yours.
On a time crunch? Feel free to only submit your up-to-date CV including a few sentences outlining your motivation for applying – quick and easy.
If you would like to know more about the position, please contact Senior Director, Group CRO, CISO and DPO, Pia Margareta Klinge or Deputy CISO & Risk Officer, Jose López Arredondo on LinkedIn.
Join us in bringing people closer
GN brings people closer through our leading intelligent hearing, audio, video, and gaming solutions. Inspired by people and motivated by innovation, we deliver technology that enhance the senses of hearing and sight. We enable people with hearing loss overcome real-life challenges, improve communication and collaboration for businesses and provide great experiences for audio and gaming enthusiast.
We hope you will join us on this journey and look forward to receiving your application.

LI-Hybrid

LI-GNGroup

The new Vulnerability Program Manager role in the Corporate Risk Governance team would be responsible for:

• Build and implement a vulnerability management program that fits GN’s infrastructure, applications and product security goals and requirements
• Collaborate with and support different areas of the organization (R&D, IT, Legal…) as subject matter expert to establish common and uniform vulnerability management and reporting practices
• Ensure that the identified vulnerabilities are prioritized, handled and reported according to the program and regulatory requirements (e.g. data authorities)
• Collect and manage obligations from contracts regarding vulnerability disclosure to customer

To succeed in the role, we imagine that you

• Higher educational level in Information Security and Cybersecurity or other relevant fields of study or experience
• Software Development experience is a bonus
• Demonstrated experience in vulnerability management
• Understanding of legal and regulatory requirements related to cybersecurity and data protection (ISO 27001, NIST, CIS, NIS2, GDPR…), as well as vulnerability reporting.
• Analytical and problem-solving skills
• Ability to communicate complex security concepts to non-technical stakeholders.
• High proficiency in English in speech and in writing
• Relevant certifications (e.g., CISSP, CISM, CRISC) are a plu