Senior Information Security Advisor - Third Party and Supply Chain Security

Category:

Digital & IT

Are you passionate about Information security and safeguarding critical information? Do you have a knack for identifying risks and implementing robust information security strategies? If yes, then we have the perfect opportunity for you! Join Novo Nordisk as a Senior Information Security Advisor and make a difference in protecting our global operations.

Read on and apply today!

Your new role

As a Senior Security Advisor for Third Party/Supply Chain Security, you develop and implement third-party information security strategies with stakeholders. You identify, assess, and manage supply chain security risks in line with NN strategies and industry standards. Strong knowledge of cybersecurity risk frameworks, threat intelligence, and security technologies is essential.

Key responsibilities:

• Strategize and lead third-party risk assessments and due diligence processes for new and existing vendors.
• Develop and maintain third-party information security policies, standards, and procedures.
• Evaluate vendor/supply chain security controls using questionnaires, audits, and evidence reviews.
• Collaborate with procurement, legal, and business units to integrate security into vendor lifecycle management.
• Maintain an inventory of third-party services and associated risk levels.
• Stay current with regulatory requirements (e.g., SOC2, GDPR, HIPAA, ISO 27001, NIST, etc.) and ensure vendor compliance.
• Contribute to the development and enforcement of third-party information security policies and standards.
• Ad hoc Information Security advisory and engagement.
• Act as a resource for colleagues with less experience.

Your new department

Global Information Security Advisory (GISA) is an integral part of the Global Information Security organisation and is based out of DD&IT in Denmark. GISA is a global organisation with team members situated in Denmark, USA, and India. The GISA department consists of experts across diverse information security domains and strong business knowledge. We collaborate closely with businesses partners throughout the value chain, providing guidance and counsel to ensure the security of Novo Nordisk.

Your skills & qualifications

To be successful in this role we expect you to have:

• MSc/BSc (or equivalent) in a related field.
• Around 10 years of experience in third party/supply chain security, Information Security, IT Security, IT Systems, or IT Infrastructure.
• Relevant certifications such as CISM, CISSP.
• Experience in defining and executing information security plans aligned with a strategically defined, risk-based approach to information security.
• Fluency in written and spoken English, Danish will be an advantage.

As a person, you are self-driven, take full ownership of your work, and communicate clearly with senior stakeholders. You bring integrity, independence, and a pragmatic mindset to complex challenges, always maintaining a customer-focused, risk-aware approach. Calm under pressure, you manage multiple priorities while delivering high-quality results. Your flexibility, strong prioritisation skills, and business understanding make you a trusted and effective partner across the organisation.

Work at Novo Nordisk

At Novo Nordisk your abilities, ambitions, and dedication help us to improve the lives of patients all over the world. In return, we offer you the opportunity to work with extraordinary talent and enjoy a wide range of opportunities within professional and personal development. We have a responsible culture with a healthy and committed work environment and focus on contributing to society and protecting the environment.

Every day, our thousands of digital experts work in all areas of technology. We navigate the tech spectrum from front-end to back-end, from artificial intelligence to machine learning, and from cloud systems to quantum computing. All to make a tangible impact on lives across the globe. How? Go explore at TechLife at Novo Nordisk.

What we offer

There is, of course, more on offer here than the uniqueness of our culture and the extraordinary results we produce. Being part of a global healthcare company means opportunities to learn and develop are all around us, while our benefits are designed with your career and life stage in mind.

More information

Harsha Suresh

Senior Manager – Global Information Security Advisory

+45 30 75 22 30

Deadline

10 August 2025

To ensure an efficient and fair recruitment process, please refrain from adding a photo in your CV.

We commit to an inclusive recruitment process and equality of opportunity for all our job applicants.

At Novo Nordisk we recognize that it is no longer good enough to aspire to be the best company in the world. We need to aspire to be the best company for the world and we know that this is only possible with talented employees with diverse perspectives, backgrounds and cultures. We are therefore committed to creating an inclusive culture that celebrates the diversity of our employees, the patients we serve and communities we operate in. Together, we’re life changing.