As our Manufacturing Information Security Lead (MISL), you hold a critical leadership role with general responsibility for Manufacturing OT/IT security compliance against audits and regulations, from DGIT (Danfoss Group IT) to the manufacturing shop floor. This role acts as the primary link between the Central Information Security team and the Power Solutions business, driving the implementation of security policies, standards, and best practices. The MISL will be a key advisor to business leadership on security-related matters and will play a vital role in managing and mitigating security risks specific to the Power Solutions manufacturing set-up globally.
As the role operates globally from a segment level, it is important to manage, execute and communicate well to enable strategy and results. Networking and strategic thinking are also key to success in the position. On top of soft skills, it is important to possess technical proficiency and process management knowledge, as the key enablers of your strategy and plans are technical leaders and Operations leadership teams.
There is an expectation to be present in Nordborg 2–3 days per week.
What You’ll Be Doing
Risk/Exception Owner on Entity Level:
· Serve as the primary risk owner of Information Security within the Power Solutions business segment around Operations.
· Ensure clear and close collaboration with business stakeholders (Plant Directors etc.) to execute on IT/OT security strategies and audits.
· Identify, assess, and evaluate security risks and threats specific to the business together with the Information Security Steering Committee.
· Develop and implement risk mitigation strategies and action plans.
· Manage and track security exceptions, ensuring proper documentation and approval processes are followed.
· Report on the status of security risks and exceptions to Segment leadership, the central Information Security Steering Committee (ISSC) and the CISO team.
Product Security:
· Collaborate with product development teams to integrate and ensure consistency from design and development through to testing of Power Solutions products. This is done in close collaboration with the existing Segment Product team.
· Stay abreast of emerging product security threats and vulnerabilities.
OT Security (IIoT/ICS/SCADA):
· Develop and implement security strategies for Operational Technology (OT) environments, including Industrial Internet of Things (IIoT), Industrial Control Systems (ICS), and Supervisory Control and Data Acquisition (SCADA) systems.
· Conduct security assessments of OT systems and identify vulnerabilities, in collaboration with the existing OT Security team.
· Work with OT teams to implement security controls and best practices.
Non-DGIT Managed IoT/Servers/Applications:
· Identify and manage security risks associated with IoT devices, servers, and applications managed outside DGIT (SaaS and general Cloud solutions).
· Ensure proper security monitoring and incident response capabilities are in place.
Data Owner / Data Classification / Data Security:
· Serve as a data owner for key data assets within the Power Solutions business.
· Clarify the data protection requirements together with the existing ISSC (Information Security Steering Committee).
· Ensure compliance with data privacy regulations (e.g., GDPR).
Direct Procurement and 3rd Party Risk Management:
· Assess the security risks associated with third-party vendors and suppliers who have access to Power Solutions data or systems. Also assess the security maturity level of critical suppliers to ensure a stable supply chain.
· Monitor vendor security performance and ensure compliance with security requirements.
Business Continuity:
· Collaborate with business units to develop and maintain business continuity plans that address potential disruptions to critical business processes.
· Conduct regular business continuity testing and exercises.
NIS2 and general political directive compliance:
· Lead the implementation of regulatory and contractual requirements within the Power Solutions business.
· Conduct gap assessments to identify areas where compliance is lacking.
· Monitor compliance with NIS2 and report on progress to business leadership and the central Information Security team.
What We're Looking For
Requirements:
· Master’s degree in Computer Science, Information Security, or other relevant fields.
· 5+ years of experience in information security, with a focus on risk management and security governance.
· Experience in Program Management.
· Experience in a manufacturing or industrial environment is highly desirable.
· Strong understanding of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework).
· Experience with OT security and IIoT environments.
· Knowledge of data privacy regulations (e.g., GDPR).
· Experience with third-party risk management.
· Familiarity with business continuity planning.
· Strong communication and interpersonal skills.
· Ability to work effectively with both technical and non-technical stakeholders.
· Certifications such as CISSP, CISM, or CRISC are preferred.
Skills:
· Risk Management
· Security Governance
· OT/IT Security
· Product Security
· Data Security
· Third-Party Risk Management
· Business Continuity Planning
· NIS2 Compliance
· Communication
· Collaboration
· Problem-solving
Contact Information
For more information about the position, please contact:
Martin Ole Madsen
Head of Manufacturing Systems & Services
martin.madsen@danfoss.com
For information regarding the recruitment process, please contact:
Bjørn Jepsen, Talent Acquisition
bjorn.jepsen@danfoss.com | +45 6012 2680
At Danfoss, we are engineering solutions that allow the world to use resources in smarter ways - driving the sustainable transformation of tomorrow. No transformation has ever been started without a group of passionate, dedicated and empowered people. We believe that innovation and great results are driven by the right mix of people with diverse backgrounds, personalities, skills, and perspectives, reflecting the world in which we do business. To make sure the mix of people works, we strive to create an inclusive work environment where people of all backgrounds are treated equally, respected, and valued for who they are. It is a strong priority within Danfoss to improve the health, working environment and safety of our employees.
Following our founder’s mindset “action speaks louder than words”, we set ourselves ambitious targets to protect the environment by embarking on a plan to become CO2 neutral by 2030 at the latest.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or other protected category.