IT Risk Assessment Specialist

At Arla, we do so much more than make some of the world’s favourite dairy products. In Shared Service Centre in Gdansk we support our colleagues worldwide by providing them with world- class accounting, finance, procurement, tax, master data and HR processes.

Are you looking for an opportunity to hold an IT Risk Assessment Specialist role with high impact? Then try yourself and apply as you might be the right candidate for this position.

Your main responsibility will be to conduct IT Risk Assessments on Arla production sites all over Europe, so travel to Arla Production sites on a regular basis will be a major part of this position, and you might expect 10-12 weeks of travel each year. After an IT Risk Assessment has been conducted, you will write an extensive report of the findings and with recommendations to mitigate risks. This report must be presented to stakeholders at all levels.

Your focus will be on:

• Perform security threat, audits and risk assessments at operational level.
• Perform risk assessments of information systems and infrastructure components, primarily at ARLA productions sites in Europe and occasional at International sites.
• Maintain and enhance the Information Security risk assessment methodology, together with management.
• Develop appropriate risk treatment and mitigation options to address security risks identified during risk assessments or audits.

What is more you would be responsible for is providing written and verbal recommendations for risk assessments for management review. Afterwards it would be you in charge of identifying opportunities and plans to improve security assessment workflow and understand and quantify business impact of those improvements for communication to management.

What competences we are looking for?

To meet the requirements of this position you should have:

• Minimum 2 years of experience in IT Security roles or as an Auditor either from an internal or external consultancy role.

• Understanding of Information Security on all levels.

• Knowledge of information security technologies (i.e. firewalls, IDS/IPS, DMZ, access controls, penetration testing, risk and vulnerability assessment, investigative techniques, authentication systems).

• Knowledge of technical production equipment (Windows, Scada, PLC) are preferred but not a requirement.

• CISSP/CISA certification or similar work experience within the certification areas.

As a ‘go to person’ you should be able to translate technical vulnerabilities into business risk terminology for business units and recommend corrective actions to technical responsible and stake-holders at management level. You would act as a Subject Matter Expert (SME) in applying and evaluating security assessments and share your technical understanding of common IT security areas.

In personal competencies area, you are used to work with tight deadlines and known as one that can balance attention to detail with the speed of execution. You are open-minded in your approach to people and eager to learn. Your inherent flexibility and adaptive nature helps you to handle the ever-changing needs of a dynamic FMCG company.

Finally - working and communicating in English is naturally for you as well as creating long lasting relationships both internally and externally.

Application and contact

If you want to seize this exciting opportunity, please apply as soon as possible. We process applications on a continuous basis and close the job opening once the right candidate has been found.