Senior Specialist - Information Security Governance, Risk and Compliance - Gdansk or Viby

Arla is a global leader in the dairy industry, committed to enabling good food choices that make life better, providing people with natural, sustainable nourishment, while taking care at every step to ensure Arla is a choice they can feel good about. If you are looking to shape the future with an ambitious global cooperative that truly cares about your growth, where everyone feels valued and empowered, and collaboration is the core of culture, Arla is a choice you can feel good about.

• Master’s degree in Information Security, Cybersecurity, IT or a related field.
• 5+ years of experience in Information Security, working with continuity and recovery strategies.
• Strong knowledge of regulatory and compliance frameworks such as NIS2, GDPR, ISO 27001, NIST.
• Certifications like CISSP and CISM are highly valued in the recruitment process.
• Excellent communication skills, with the ability to present complex security topics to senior leadership and non-technical stakeholders.
• Experience in Agile delivery methodology would be a plus.
• Experience working in a large, global organization with a complex technology landscape.
• Ability to work in a fast-paced, dynamic environment and persistence in achieving goals.
• Proactive mindset and a commitment to continuous improvement.
• Speak and write English effortlessly.

• Establish and maintain the IT Continuity & Disaster Recovery framework, embedding it across IT and business units and supplier engagements.
• Develop internal policies, controls, and monitoring practices to meet the IT operational resilience and Arla Business requirements.
• Support Business Impact Assessments to identify critical business functions, assess risks, and understand the potential impact of disruptions.
• Guide through standardising practices for developing and maintaining system recovery strategies and procedures to ensure effective and timely restoration of services.
• Support NIS2 compliance activities by working with stakeholders across IT and the business to ensure continuity and recovery practices align with regulatory expectations.
• Partner with IT Operations and other teams to embed continuity and recovery considerations into business processes and new initiatives.
• Work closely with IT Risk Management adhering to risk-based reporting to executive leadership.
• Participate in awareness activities and exercises to ensure preparedness and a strong recovery culture across the organization.
• Regularly test, review, and enhance continuity and recovery plans to address evolving threats and business needs.