Information Security Compliance Lead

Codan is one of Scandinavia's largest insurance companies. We offer business insurance, private insurance and health insurance. We are a total of approx. 3,300 employees in Scandinavia and approx. 950 employees in Denmark. Codan is part of the RSA Group, one of the world's largest global insurance companies.

Skåne län, Malmö
IT, data
Number of positions:

Overall role

As our new Information Security Compliance Lead, you will have overall responsibility for our internal IT Risk Appetite Framework, and you will act as the information security authority and advisor for IT and the business on IT compliance matters. You will manage and develop the control framework and our IT audit processes to ensure that our compliance setup adds value from both a business and a senior management perspective. Additionally, you will work closely with the rest of the Information Security team to link our internal control framework and external supplier risk assurance, and to follow up on 3rd party compliance in collaboration with the 3rd party lead. You will be part of a strong and dedicated Information Security team of approx. 16 people.

Key areas of responsibility

  • Responsible for leading and developing our internal IT Risk Appetite control framework, to ensure control efficiency and effectiveness, and to deliver value adding management reporting on our key risks.
  • Facilitate the control validation process, and support control owners and 2nd line assurance throughout the process.
  • Conduct in-depth spot-checks of control effectiveness.
  • Facilitate the IT compliance process.
  • Define, review and publish IT policies, SOPs and other compliance guidelines.
  • Facilitate internal and external IT audits and function as the link between the IT organization and internal as well as external audit.
  • Support 3rd party supplier assurance and risk management schedule. 
  • Implement an appropriate 3rd party control environment and follow up on 3rd party suppliers in cooperation with the 3rd party lead, to ensure compliance with agreed controls.
  • Perform risk assessments and onsite audits of 3rd party suppliers.


  • 5+ years of experience with information security. Strong knowledge of security standards, tools, trends and legal requirements such as GDPR.
  • Able to demonstrate good understanding of security related technologies and services such as security network, firewalls, cloud solutions and penetration testing to a level where you can advise the business.
  • Experience with audits – possibly you have had a previous role as internal or external auditor.
  • Strong communication skills and able to maintain good relationships with internal and external stakeholders.
  • Structured and persistent – able to create structure and oversight, and to influence others in a constructive and pragmatic manner to get “fit for purpose” security implemented in the organization.
  • Able to use insight on details in context – to add value and not get “stuck” in details.
  • Works independently and proactively, and feels comfortable taking even difficult decisions.
  • Strong xls skills.

You are fluent in English and one of the Nordic languages.

You will report to the Manager of Information Security Management. The Information Security office holds a Scandinavian responsibility. The position is based in Malmö and some travel must be expected.

Application and contact

Codan works with Experis in this process. We welcome your application as soon as possible, as we review applications continuously. If you have any questions regarding the position, please contact Recruitment Consultant Igor Micanovic on +46406656144 or Patrik Wolf on +46406606320. Please apply by sending your CV and application as soon as possible, and no later than 24th of June 2018.
