Expert IT Security Specialist

Gdynia, PL, 81-537

Job ID: 15545 


Welcome to Encryption Governance Team in Data Protection and Encryption Centre where we deliver cryptographic advisory, governance and solutions for new or existing services e.g. cloud, secure storage, cards, applications using symmetric and asymmetric cryptography. We add value by de-risking and protecting the Bank and our customers.


As the IT Security Expert, you'll play a valuable role in providing the insights into legal and regulatory changes in banking environment that could impact business and/or security performance.


Your future responsibilities


What you will be doing:

  • Monitor legal and regulatory changes in banking environment that could impact business and/or security measures in terms of encryption standards
  • Research, evaluate and recommend update to new & existing policies and procedures to ensure encryption and key management standards are in line with internal and regulatory compliance
  • Manage the process of gathering, analyzing and assessing the current and future encryption landscape, as well as providing the senior management with a realistic overview of risks and threats in the enterprise environment
  • Build strong relationships across the enterprise (with Business, Technology, Chief Security Office, other Cyber Security and Risk & Compliance units) to enable a good understanding and close alignment with business needs, direction, as well as, identified risks in relation to handling and managing encryption
  • Recommend, review and document relevant cryptographic controls to support and enforce defined security policies
  • Manage and coordinate lessons learned and process improvements coming from policy violation events, incident management cases, including detection, response, and reporting
  • Monitor and report on compliance with security policies related to cryptography, as well as the enforcement of policies across the bank
  • Act as main point of contact for corpore stakeholders in relation to cyber security and encryption governance topics
  • Operationalise cryptographic keys inventory and risk assessment program to achieve business goals with defined success criteria
  • Identify encryption related risks and drive the implementation of recommended mitigations and gap analysis
  • Management reporting analysis for encryption inventory and risk assessment
  • Ensure that standards for cryptographic controls are updated, relevant and agreed with the 2nd line of defence


Who you are


Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best - and that we imagine you share with us.


Communication skills:

  • Excellent communicator able to reduce complex ideas to simple terms and express these both to non-technical and highly technical audiences
  • Planning & Organization skills
  • Experience of planning, prioritizing, and organizing the work of yourself and others, delivering to tight deadlines whilst ensuring the effective use of resources


Your profile and background:

  • Proven track record in Encryption and Key Management and/or Information Security role including experience and knowledge of Information Security practices oriented on cryptographic standards and processes in banking environment
  • Solid knowledge of Banking regulations related to cryptography e.g., Payment Card Industry Data Security Standards (PCI DSS), National Institute of Standards and Technology (NIST), Data Protection Act, General Data Protection Regulations (GDPR) and other relevant regulations being subject of audit from institutions, such as European Central Bank and, FSA, other EU/US Financial Authorities and Banks
  • Knowledge and understanding of encryption and key management risk concepts and principles as means of addressing business needs, and design of appropriate security measures
  • Excellent understanding of encryption and information security regulations and standards, industry best practices and strategies
  • Experience working in regulated environment and cooperation with CISO/CSO, Technology Risk Management and business units in the universal bank
  • Knowledge of Encryption and Key Management domain on an expert level will be an asset


If this sounds like you, get in touch!


Next steps


At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.


Please include permit for processing personal data in CV as following:


In accordance with art. 6 (1) a. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have: my personal data, education and employment history proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp Branch in Poland.


The administrator of your personal data is: Nordea Bank Abp Branch in Poland, Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp Branch in Poland. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing additional personal data is voluntary however necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at:


We reserve the right to reply only to selected applications.



Department:  IT/Technology