Apply now »

Senior Security Officer

Helsinki, FI, 500 Łódź, PL, 93-281 Warszawa, PL, 02-460 Stockholm, SE, 111 44

Job ID: 8461 

 

Would you like to play a key role in ensuring that Nordea is protected against cyber threats? We are now looking for a person with strong information security skills and capabilities in security risk management. You will become a member of Group Security Risk team, which is part of the Chief Security Office (CSO).


At Nordea, we’re committed to being a trusted partner for our customers and society. Joining us means you’ll have the opportunity to make a significant impact on how we manage information security risks within the Nordea Group.


So, bring your skills, ideas and unique back ground. With us, you’ll find plenty of opportunities to collaborate, grow and make your mark on something bigger. 


About this opportunity


Welcome to the Group Security Risk team within the CSO. The CSO is part of Group Risk in 2nd Line of Defence (LoD) who provides oversight on information security of the Group.


We add value to Nordea and to our customers by managing the information security risks and enabling managers and employees in protecting the confidentiality, integrity and availability of information. We do that in strong collaboration with Business Areas and Group Functions.


The mission of the CSO is to:

  • Set strategic direction on Information Security of the Group. Build upon the development of the risk landscape, regulatory changes, the business strategy, the risk appetite, internal, external and regulatory findings and results from benchmarking assessments (such as NIST assessment);
  • Improve transparency on cyber risks and maturity of Nordea’s cyber defence capabilities. Build upon international standards (e.g. ISO standards, NIST etc.) and best practices where possible;
  • Further improve Nordea’s cyber defence capabilities to defend against e.g. Organised Crime and Advance Persistence Threat; and
  • Keep Nordea compliant with regulatory requirements.


You will play a valuable role in assessing, monitoring the Group information security risk and contribute to information value in Group reporting providing senior management with relevant and accurate risk information to keep Nordea within risk appetite. You will safeguard Nordea to make Nordea the safe and trusted partner of our customers.


What you’ll be doing:

  • Perform testing work on key information security areas to provide assurance that risks are managed according to Nordea’s risk appetite.
  • Advise the 1st LoD on all aspects of information security risks to maintain, develop and improve a sound and effective risk culture.
  • Participate in development of information security risk-management practices and  follow applicable regulations (e.g. EBA, FSA, EU guidelines etc.) to provide professional advice to stakeholders.
  • Monitor threat landscape, key risk indicators and key controls to ensure that changes in the risk picture are captured and reported timely.
  • Proactively monitor, evaluate, challenge, and report on information security risk management activities of the 1st LoD.


You will join a team of highly skilled, dedicated and experienced information security risk professionals. In this role, you will have a chance to interact with key stakeholders across the bank and gain a broad network.


Who you are


Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we would like you to share with us.  


To succeed in this role, we believe that you:

  • Have experience of information security and/or risk management processes including industry standards and practices (e.g. ISO27001/27002/27005, NIST etc.);  
  • Are a proactive, independent and pragmatic team-player with a solution oriented mindset;
  • Are structured, analytical and have a high ability to provide timely and accurate reporting;
  • Are able to focus on information value and make complex data available for a non-technical audience;
  • Can manage complex stakeholder relationships; and
  • Communicate and collaborate on information security matters with colleagues across all three-lines-of-defence.


Your experience and back ground:  

  • Identification, assessing, monitoring and reporting on information security risks
  • Practical experience using information security standards;
  • Data analysis capabilities to transform data into understandable reports;
  • Experience from the banking industry or other regulated industry;
  • Superior English spoken & written skills; and
  • One or more of the following qualifications would be an advantage: CISA, CRISC, CISM, CISSP, CEH or similar.

 

If this sounds like you, get in touch!

 

Next steps

Submit your application no later than 28/08/2022. For more information, you’re welcome to contact Irfan Hussain. Irfan.hussein@nordea.com

At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.

 

Please include permit for processing personal data in CV as following:

In accordance with art. 6 (1) a and b. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have: my personal data, education and employment history proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp.

The administrator of your personal data is: Nordea Bank Abp operating in Poland through its Branch, address: Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing personal data is necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at: privacy-policy.2021.pdf (nordea.com).

We reserve the right to reply only to selected applications.

Department:  Credit and Risk management

Learn more about us

Learn more about us

How we recruit

Who we are

Sustainability in Nordea

Our purpose and values

 

Apply now »