Ambu A/S is seeking a highly skilled and experienced Information Security Manager to join our Enterprise Architecture and Information Security team in Ballerup.

Security plays a critical role in everything we do at Ambu - not only to protect our business, but ultimately to ensure patient safety and trust. As part of our ongoing global transformation, we are strengthening our security capabilities and elevating the role of information security across the organization.

In this role, you will not only optimize and further develop our GRC frameworks, policies, and procedures, but also play a key role in shaping and maturing our overall security posture. You will have strong visibility across the organization, including exposure to senior leadership, and a real opportunity to influence how security is embedded into our business.

This is not a maintenance role — it is an opportunity to actively contribute to building a strong and scalable information security foundation for the future.

Key responsibilities

Your main responsibilities will include the following:

• Develop and Maintain GRC Frameworks: Enhance and update existing GRC frameworks, policies, and procedures to support a maturing security function.
• Drive Key Security Controls: Implement and manage security controls, including policies, procedures, supplier risk assessments, training and awareness programs, and metrics.
• Compliance Oversight: Ensure compliance with cybersecurity standards and regulations such as ISO27001, NIS2, and UK CE+. Conduct audits and assessments to identify and mitigate risks, and proactively strengthen the control environment.
• Cross-Functional Collaboration: Work with various departments to integrate security measures into business processes and decision-making.
• Risk Management: Identify, assess, and manage risks related to information security. Develop risk mitigation strategies that support business objectives.
• Training and Awareness: Develop and deliver training programs to enhance security awareness and ensure adherence to GRC policies and procedures.
• Metrics and Reporting: Establish and monitor key performance indicators (KPIs) to measure the effectiveness of GRC initiatives and develop presentations for senior management.

Suggested candidate profile

Skills and experiences can be earned in many different ways, and we understand that the best fit for the role cannot be prescribed on paper. You are however likely to succeed in this position if you possess:

• 8+ years of experience in cybersecurity, preferably from large complex organizations.
• Bachelor’s degree or higher in Information Security, Computer Science, or a related field.
• Relevant information security certifications such as CISSP, CISM, CRISC.
• Proven experience in GRC management within the MedTech or healthcare industry is an advantage.
• Strong understanding of regulatory requirements, policies, procedures, and industry best practices.
• Excellent communication, stakeholder, and project management skills. Ability to work collaboratively with a structured and curious mindset.
• Experience working in a multiculture environment is an advantage.

• A proactive and improvement-driven mindset, with motivation to build, enhance, and shape security capabilities rather than maintain the status quo.

Ambu – a visionary and international workplace where your efforts matter

Ambu is a company that expands rapidly and has ambitious growth targets. We meet these targets through interdisciplinary teamwork between motivated and highly skilled employees. Your contributions and efforts are crucial to our success and by joining us you will get the opportunity to work in an international head office with an informal working environment.

We offer great opportunities for personal development. Furthermore, we offer a wide range of professional, social and financial employee benefits in addition to exciting job challenges and continuous professional and personal development.