Senior IT Security Analyst within Privileged Access Management

Job ID: 21563 

We are looking for a Senior IT Security Analyst to join our Privileged Access Management (PAM) team within our Identity and Access Management (IAM) organisation. This is an opportunity for you to be part of an international team, eager to support our mission to Protect the Bank: De-risked, Compliant, Secure & Protected.
 

About this opportunity

In IAM, we provide centralised IAM solutions and standardised IAM services with the ambition to strengthen the security of the bank and act as single point of contact for all units within Nordea, utilizing these solutions and services. IAM belongs to the Cyber Security area within Nordea. 

As the Senior IT Security Analyst, you will play a key role in developing and maturing our PAM solution. The role will be combined with taking the Application Ownership for our PAM solution. As Application Owner you will have a crucial role in safeguarding our PAM solution, govern the application used in the area and make sure that it is following Nordea’s Application Management Guidelines, stipulating what has to be operational fulfilled to be secure and compliant according to Nordea’s policies and guidelines.

What you’ll be doing:

• Drive meetings with stakeholders in order to capture and document business requirements for new initiatives and potential improvements
• Work closely with Product Owner, Process Owner and IAM Architect to increase the maturity level of the PAM offering in Nordea
• Take ownership of application portfolio and its lifecycle management
• Collaborate with DevOps team for creation of effective PAM controls and processes within the organisation
• Ensure application is managed in accordance with test and change management processes
• Work closely with operations team to secure application compliance with Nordea’s application management policies and guidelines
• Execute application risk assessments, manage potential and ensure mitigation of identified risks

The role is based in modern premises located centrally in Helsinki, Stockholm, Oslo, or in the TriCity area in Poland, with the possibility to work partly from home. Please, note the candidate should be located in the country of hire already.

Who you are

Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us.  
 

To succeed in this role, we believe that you have:

• Great collaboration and negotiation skills for working with various stakeholders within Nordea
• Strong technical analytical and documentation skills
• A structured and organised way of working with the ability to deliver results with high quality
• The ability to do conversion between business and technical context
• The willingness to take ownership and delegate responsibility when needed
• A strong can-do attitude and self-driven approach
• Fluency in English (spoken and written)

Your experience and background: 

• Several years of proven experience working with CyberArk or similar PAM solution
• Knowledge of IAM practices, for both on-premise and cloud environments
• Understanding of fundamental identity security principles (such as SoD, Least Privilege, Zero Trust)
• Previous experience of working with a DevOps team
• Understanding of IT processes and system development life cycle
• Familiarity with Cyber Security and IT frameworks/controls (such as CIS, NIST, ISO 2700x, COBIT, ITIL)
• Basic understanding of directory services, operating systems, databases and network devices
• Security certifications are a plus

If this sounds like you, get in touch!

Next steps

Submit your application no later than 28/04/2024. For more information, you’re welcome to contact Head of Access Management, Chatrine Höök at chatrine.hook@nordea.com.

At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.

Please be aware that any applications or CVs coming through email or direct messages will not be accepted or considered.

Only for candidates in Sweden: For union information, please contact finansforbundet@nordea.se or SACONordea@nordea.com.

Only for candidates in Poland: Please include permit for processing personal data in CV as following: 

In accordance with art. 6 (1) a and b. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have: my personal data, education and employment history proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp. 

The administrator of your personal data is: Nordea Bank Abp operating in Poland through its Branch, address: Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing personal data is necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at:https://www.nordea.com/en/doc/nordea-privacy-policy-for-applicants.pdf.

We reserve the right to reply only to selected applications.