Specialist, Cyber Security Risk Management

About The Role

We're searching for a Specialist, Cyber Security Risk Management, who will be responsible for owning and maintaining the organization’s cyber security risk management standard, driving its adoption across the organization, and enabling stakeholders through training, workshops, and guidance. In this role, you will ensure consistent risk identification, assessment, and reporting, providing actionable insights to support informed decision-making.

More specifically, your responsibilities will include:

• Maintaining the Cyber Risk Management standard, ensuring alignment with industry frameworks and enterprise risk practices.
• Coordinating and moderating tactical and strategic risk management meetings aimed at discussing cyber security risks.
• Aggregating and analyzing risk data, maintaining risk registers, and producing clear, actionable reports for operational teams and senior leadership, including the Enterprise Risk Management Board, as a risk coordinator for Pandora’s Digital and Technology organization.
• Developing and delivering training/communications guidance materials to embed risk management practices across Pandora’s Digital and Technology organization.
• Collaborating with cross-functional teams to integrate risk management into processes, improve control effectiveness, and enhance overall cyber risk management maturity.

What Is Needed To Succeed

You are a motivated professional with strong organizational and project management skills. You are accountable and enjoy taking ownership of your tasks. As this role will have exposure to many senior stakeholders, experience working with profiles in leadership or people management positions is essential. You have stellar presentation and communication skills, with the ability to produce concise leadership-ready reports, as well as tailor messaging for diverse audiences. Additionally, we expect that you have and can demonstrate:

• 1-3 years of relevant experience in a Risk Management role, ideally within a global organization in the retail, fashion, or FMCG industry.
• Bachelor’s degree in Information Systems, Risk Management and/or Security discipline.
• Proficiency in enterprise risk management (ERM) concepts (e.g., risk appetite, tolerance, three lines model, heat maps).
• Experience in facilitating risk identification and assessment workshops (threats, vulnerabilities, impact/likelihood).
• Knowledge of cyber risk frameworks and standards such as NIST CSF, ISO/IEC 27005, etc.
• Proficiency with GRC/Risk platforms such as ServiceNow IRM, Archer, OneTrust, etc.
• Qualitative and semi-quantitative scoring and familiarity with quantitative methods (e.g., FAIR) is a plus.

Working Environment & Benefits

You will be working out of our beautiful Digital & Technology Hub in Copenhagen, in a rapidly growing environment of highly skilled and experienced colleagues, which is a key initiative that goes along with Pandora’s experience & ambitions. Besides our beautiful interior design, we are also proud of our LEED Gold Certification for Energy and Environmental Design. This means that we use as few natural resources as possible and that we use them with respect. The result is a professional and dynamic space that is unique, comfortable and inspirational – and delivers a true Pandora experience to anyone who works here or comes to visit.

About Pandora

Pandora is the world's largest jewellery brand, specialising in the design, crafting and marketing of accessible luxury jewellery made from high-quality materials. Each piece is created to inspire self-expression, allowing people to share their stories and passions through meaningful jewellery. Pandora jewellery is sold in more than 100 countries through 6,800 points of sale, including more than 2,700 concept stores.

Headquartered in Copenhagen, Denmark, Pandora employs 37,000 people worldwide and crafts its jewellery using only recycled silver and gold. Pandora is committed to leadership in sustainability and has set out to halve greenhouse gas emissions across its value chain by 2030. Pandora is listed on the Nasdaq Copenhagen stock exchange and generated revenue of DKK 31.7 billion (EUR 4.2 billion) in 2024.

Recognised by the Financial Times as one of Europe’s Best Workplaces and ranked #1 among Danish companies, Pandora is committed to building an inclusive and diverse workplace. We believe that reflecting the diversity of society in how we engage with our customers is essential to fulfilling our purpose: to give a voice to people’s loves. We are dedicated to nurturing a culture where everyone feels respected, valued, and empowered to thrive.

Key skills/competency

• Cyber Security
• Risk Management
• NIST CSF
• ISO/IEC 27005
• GRC Platforms
• ServiceNow IRM
• Archer
• OneTrust
• Enterprise Risk Management
• Stakeholder Management
• Communication