Are you prepared to drive innovation and advance Gen AI Risk Management at a leading Nordic bank? Join Danske Bank as a Chief IT, Security Risk Specialist in our Second Line of Defense, where you’ll shape how we manage and oversee risks related to Cloud platforms and Generative AI systems across the bank’s digital ecosystem.
This role requires a balance of analytical skills, strategic foresight, and the ability to collaborate effectively across diverse teams and stakeholders to develop a culture of risk awareness and compliance across the organization. This is your chance to play a vital role, guiding Danske Bank on its journey towards enhanced operational safety, stringent compliance standards, and AI risk management.
The IT, Security, and Data Risk team at Danske Bank operates as part of the second line of defense (2LoD) function, dedicated to ensuring robust IT, security and data risk management throughout the organization. As a component of the Non-Financial Risk (NFR) unit within Group Risk Management (GRM), our team serves as the oversight body to promote operational alignment and consistency in the application of IT, security, and data risk management policies and frameworks within the group's risk tolerance.
We collaborate closely with various stakeholders, including technology operations, business units, security, privacy, GenAI, model risk, compliance risk, and third-party risk management teams. This collaboration ensures a unified approach to managing both internal and external risks in a dynamic financial landscape. Our team’s efforts are pivotal in maintaining the bank’s integrity, establishing a strong risk culture, and securing Danske Bank’s position as the customers’ preferred financial partner. By working together, we aim to meet customer expectations, fulfill regulatory requirements, and uphold the highest standards.
“Uniqueness is powerful - we welcome everyone in Danske Bank.”
You will:
Provide oversight of IT and security risks, with a focus on Gen AI technologies
Evaluate and challenge first-line risk assessments, control designs, and mitigation strategies to ensure effectiveness and compliance
Engage and collaborate with stakeholders across Technology, Security, Risk, Compliance, Audit, Legal, and Business units to ensure integrated risk management governance and decision-making
Monitor and assess emerging technology and cybersecurity risks, contributing to scenario planning, risk reporting, and strategic initiatives
Offer insights to support regulatory interactions, thematic reviews, testing activities and internal governance forums
Lead reviews of GenAI initiatives across their lifecycle, offering second-line risk advisory and ensuring effective governance and control implementation
Oversee the design, implementation, and effectiveness of GenAI application controls, providing independent risk opinions and recommending appropriate mitigation measures
Promote a culture of risk awareness and compliance across the organization through engagement, education, and strategic alignment
Stay informed on evolving regulatory requirements and industry standards, particularly those impacting GenAI technologies including their use and assess their implications for the organization
About you:
A minimum of 7 years of experience in IT and security roles, it would be beneficial within a second line of defense (2LoD) function or a comparable role with deep exposure to risk oversight and governance (of which 2 years of experience with hands-on application of AI risk and control assessment)
A university degree or equivalent qualification in technology-related fields
Solid experience in IT risk management, cybersecurity, or technology governance— would be beneficial within regulated industries such as financial services—with the ability advise on complex projects or strategic initiatives. (Note: This is a specialist role without HR responsibilities.)
Comprehensive knowledge of AI governance and risk management, with in-depth expertise in generative AI technologies and the end-to-end development lifecycle of GenAI applications, including MLOps and associated risk frameworks
Familiarity with emerging regulatory requirements and industry-standard frameworks relevant to Generative AI, such as the EU AI Act, NIST AI Risk Management Framework, ISO/IEC 42001 for AI governance, and broader standards like DORA, EBA Guidelines, COBIT, and the ISF Standard of Good Practice for Information Security
Strong communication and interpersonal skills, with the ability to collaborate effectively across departments and stakeholders at all levels
Relevant professional certifications such as CRISC, CISA, CISM, CISSP (would be beneficial)
Advanced English skills
“Join a forward-thinking team where we champion excellence in IT, security, and data risk management. As a leader deeply invested in innovation and strategic impact, I empower individuals to thrive, collaborate, and shape the future of risk resilience.”
We will ensure that the salary offered to you will be based on your qualifications, competencies, professional experience, and requirements for the corresponding job function.
Your title in job contract will be Specialist – Risk, Chief.
