Senior Technology Risk Manager focusing on BCBS 239

Helsinki, FI, 00500 Gdynia, PL, 81-537 Warszawa, PL, 02-460

Job ID: 4725

 

We are looking for a Senior Technology Risk Manager to support control management, assessment and testing for Data risk management controls (e.g. those addressing BCBS 239 risk management requirements). You will support the overall Risk and Control Management objectives in ensuring effective data risk management controls within the Group Technology model.

 

At Nordea, we are strengthening our technology and data risk capabilities to stay ahead of evolving technology, regulatory and customer expectations. We are working in an agile environment where we experiment, learn and grow together—and where your ideas and unique background matter. In this role, you will help shape practical technology risk governance that supports safe delivery and informed decision-making.

 

About this opportunity

 

You will join Technology Risk Advisory & Oversight (TRAO), a 1st Line of Defense function within Group Technology. TRAO strengthens technology risk governance by providing expert advisory, coordination and oversight across the organisation. We work closely with Service Areas and senior stakeholders, enabling sound decisions through insight-driven risk management and high-quality reporting.

 

As a Senior Technology Risk Manager, you will own and manage a portfolio of data risk–related controls across their full lifecycle and act as a trusted partner to data and ICT risk management stakeholders, including senior stakeholders. You will play a key role in ensuring that data risk controls are well‑designed, effectively tested, and transparently reported, enabling informed decision‑making and regulatory compliance. You will help support Technology Risk and Control Management (RCM) by monitoring and assessing the effectiveness of controls in reducing non-financial risks, including data and ICT risks, in line with Nordea’s risk appetite, internal guidelines and regulatory expectations.

 

What you’ll be doing

  • Control Identification including ensuing Key and Non-Key Controls are identified and controls cover Data risks, internal rules & key regulatory expectations and industry guidance (e.g. BCBS 239, DMBOK)
  • Coordinating with control owners to define controls
  • Perform gap analyses to identify control weaknesses and design enhancements where data risks are insufficiently mitigated
  • Define, review, and test key and non‑key controls addressing data risks, including data quality, data lineage, data aggregation, and risk reporting capabilities, aligned with internal rules and  BCBS 239 principles
  • Ensure controls are clearly articulated, risk‑aligned, and mapped to internal risk taxonomies, policies, and regulatory expectations
  • Evaluate control effectiveness, document outcomes, and assess the impact on residual risk
  • Support remediation actions by working closely with control owners to strengthen control design and execution
  • Act as a strong SME and trusted advisor on data risk controls and BCBS 239 requirements with stakeholders
  • Build strong working relationships with control owners, data management teams, technology leadership, and second‑line of defence
  • Facilitate risk and control discussions, challenge constructively, and drive practical, risk‑based outcomes
  • Create and review management reporting that highlights key risks, trends and next steps for your internal technology stakeholders
  • Collaborate across TRAO domains (Issue Management, Risk Processes & Governance, and Technology Risk Advisory) to ensure consistent ways of working

 

The role is based in Helsinki, Gdynia or Warsaw. We follow hybrid model of working (60% onsite – up to 40% remote). We would like to welcome new team member in June-July 2026.

 

Who you are

 

Collaboration. Ownership. Passion. Courage. If you recognise yourself in these values—and you thrive where expectations are high, conversations are direct and outcomes matter—you will feel at home with us. We’re looking for a senior professional who brings calm judgement under pressure, can challenge constructively, and translates regulatory needs into practical, workable controls across data and technology.

 

We are looking for someone who:

  • Has solid experience (6+ years) in technology, data, or operational risk, ICT audit, or similar control environments
  • Understands BCBS 239 and can apply it in practice (risk data aggregation & reporting)
  • Knows how to design, test, and manage data risk controls (e.g. data quality, lineage, reporting)
  • Is familiar with model risk validation and how it connects to data management
  • Can translate between technology and business needs (e.g. controls, regulation, risk appetite)
  • Takes ownership, works independently, and handles ambiguity with confidence
  • Communicates clearly with senior stakeholders, including in regulatory contexts
  • Works in a structured, pragmatic way and drives topics to clear outcomes
  • Professional English skills


It would be beneficial if you know/have:

  • Have experience from banking or another regulated environment
  • Know Nordea ways of working or have an internal network
  • Understand Finnish regulation (Finnish skills are an advantage)
  • Hold relevant certifications (e.g. DAMA, CRISC, CISA, CISM)
  • Have experience with data/risk tools, analytics, automation, or AI
  • Understand modern tech environments (cloud, platforms, integrations, DevOps)
  • Are familiar with frameworks like DMBOK, COBIT, ITIL, or ISO standards
  • Are interested in AI and its impact on risk and controls

 

What we offer
 

Collaboration. Ownership. Passion. Courage. These are the values that guide us in how we work and how we make decisions – and that we imagine you share with us.  

 

People are driven by many different factors. For some, it’s to take their career to the next level. For others, it’s to break new ground within their area of expertise – in other words, with us, you will always move forward.

 

A culture that fosters performance and growth in one of the largest Nordic banks, offering various opportunities to evolve, develop and learn from brilliant colleagues with diverse backgrounds in a vibrant working environment.

 

Hybrid working model – we believe in the value of bringing people together and at the same time we embrace the freedom of flexibility. 

 

Diversity and inclusion are a natural part of our daily work. We know that an inclusive workplace is a sustainable one. We genuinely believe that our diverse backgrounds, experiences, characteristics and traits make us stronger together. Every day we strive to find new ways to improve diversity and inclusion within our community e.g. we have signed the European Diversity Charters in the countries where we operate to show our commitment and engage with others to continue learning and improving.

 

If this sounds like you, get in touch!

 

Next steps 

 

Submit your application (in PDF format in English) no later than 31/07/2026. Please note that we will start the review of candidates after the publishing due to summer holiday period.

 

We enable dreams and aspirations for a greater good.

 

We build relationships. We add a personal touch to everything we do – when advising our customers, collaborating with colleagues, and meeting our potential candidates.

 

We learn and develop. We take pride in being experts and thinking ahead. We use our expertise to meet our customers’ needs, from the simplest to the most complex. We bring a growth mindset to our work that enables us to focus on a broader perspective in our daily challenges.

 

We lead change. We are responsible and aware of the impact of our decisions, both for our customers and for our local and global communities. Mindful of our responsibility towards current and future generations, we have made sustainability an integrated part of our business strategy.

 

We are Nordea. We have a 200-year history of supporting and growing the Nordic economies and our values are deeply rooted in these open, progressive and collaborative societies. As one of the biggest employers in the Nordics, Poland and Estonia, you have excellent opportunities to evolve, develop and move forward with us.

 

If you are an external consultant interested in this role and wish to apply please contact the hiring people leader for separate instruction on how to apply.

 

Only for candidates in Finland: A security clearance will be performed for the person selected for this position.

 

Only for candidates in Poland: Please include permit for processing personal data in CV as following:

 

In accordance with art. 6 (1) a and b. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have: my personal data, education and employment history proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp.

 

The administrator of your personal data is: Nordea Bank Abp operating in Poland through its Branch, address: Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing personal data is necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at: https://www.nordea.com/en/doc/nordea-privacy-policy-for-applicants.pdf

 

We reserve the right to reply only to selected applications.

Department:  Credit and Risk management

Learn more about us

Learn more about us

How we recruit

Who we are

Sustainability in Nordea

Our purpose and values