We are looking for a senior professional to lead the IT Security and IT Compliance agenda for NN Slovakia. In this role, you will be responsible not only for cyber security and risk management but also for ensuring full compliance with regulatory requirements in the IT domain. You will work closely with expert teams, business stakeholders, procurement, legal, and international Group functions to make sure our technology environment remains secure, compliant, resilient, and well‑governed.
Your work will directly influence how NN protects its data, customers, and critical services. The ideal candidate combines strong security expertise with a practical, business‑oriented approach and the ability to drive change across the organization.
Key Responsibilities
Lead the overall IT security, IT compliance, and IT risk agenda, ensuring a strong control environment and alignment with Group security strategy.
Own the local security and resilience roadmap and report progress to the local management board.
Ensure compliance with internal security policies, standards, IT governance rules, and external regulatory requirements (incl. DORA, NIS2, EIOPA/IDSC guidelines, BCM obligations).
Oversee daily security operations including risk assessments, access rights governance, vulnerability management, audits, and incident management.
Manage the IT access control framework: approval processes, periodic entitlement reviews, SoD controls, privileged access management, and cooperation with HR on joiner/mover/leaver processes.
Cooperate closely with procurement and legal teams in the lifecycle of IT contracts to ensure regulatory and security requirements are embedded (outsourcing, cloud, third‑party risk).
Support and challenge IT and business teams to identify risks, implement effective controls, and increase security maturity across the organization.
Drive awareness, training, and communication to strengthen a “security first” mindset.
Contribute to Business Continuity Management (BCM) activities, ensuring operational resilience, planning, testing, and alignment with critical business services.
Act as a key point of contact for Group Security, Group Compliance, internal audit, external audit, regulators, and other NN Business Units.
Oversee planning, budgeting, and resource allocation for all security- and compliance‑related initiatives.
Requirements
Strong knowledge of security frameworks and standards (e.g., ISO 27001/2, NIST CSF, CIS Controls, Cloud Security best practices).
Master’s degree (or equivalent) in IT, information security, audit, or a related technical field.
Practical experience with risk assessments, IT governance, compliance frameworks, and regulatory requirements in the financial sector.
Understanding of operational resilience, BCM, third‑party risk, and identity & access management principles.
Experience working with auditors, regulators, and cross‑functional teams.
Ability to communicate complex security topics to both technical and non‑technical stakeholders.
Strategic mindset combined with hands‑on execution capability.
Employee perks, benefits:
4- day/5-day workweek
Possibility of home office and online job training
Employer's allowance to life insurance and pension savings
Employer's allowance for mobility (for parking or transport)
Meal allowance
Allowance for sports and massages - Multisport card
Recreation allowance
Extra days of – Vitality days
Paid sabbatical – long-term time off for regeneration
Days of paid leave beyond the scope of the Labor Code
Health days, online webinars and exercise
Various workshops organized throughout the year focusing on work-life balance
Programs aimed for your own development
Development education programs with a focus on the skills of the future
Inclusive work environment - we accept each individual, in NN you can be yourself
Language learning platform
Wage (gross):
from 4500€ gross depending on skills and experience of the candidate. In addition, the possibility of a bonus is in accordance with NN rules.