Senior Technology Risk Manager to support Service Area Digital Technology

Job ID: 4436

We are looking for a Senior Technology Risk Manager to support SA (Service Area)Digital Technology, a Service Area recently transferred from Personal Banking into Group Technology. You will help the area to establish effective technology risk governance and operate confidently within the Group Technology model.

At Nordea, we are strengthening our technology risk capabilities to stay ahead of evolving technology, regulatory and customer expectations. We are working in an agile environment where we experiment, learn and grow together—and where your ideas and unique background matter. In this role, you will help shape practical technology risk governance that supports safe delivery and informed decision-making.

About this opportunity

You will join Technology Risk Advisory & Oversight (TRAO), a 1st Line of Defense function within Group Technology. TRAO strengthens technology risk governance by providing expert advisory, coordination and oversight across the organisation. We work closely with Service Areas and senior stakeholders, enabling sound decisions through insight-driven risk management and high-quality reporting.

As the Senior Technology Risk Manager, you are the dedicated risk advisor for SA Digital Technology, partnering with Service Area management, risk owners and key stakeholders. You help identify, assess, manage and report technology risks in line with Nordea’s risk appetite, internal guidelines and regulatory expectations.

What you’ll be doing:

• Partner with SA Digital Technology leaders and risk owners to identify, assess and manage technology risks, and adjust plans when priorities or the risk landscape changes.
• Coordinate SA Digital Technology input to regulatory and internal assurance requests (e.g., ECB/local FSA enquiries, IT risk questionnaires and targeted reviews), ensuring quality and timely follow-up.
• Run regular risk discussions and governance touchpoints, preparing clear inputs for decisions and documenting outcomes.
• Own end to end follow up of issues and actions: confirm ownership, improve documentation quality, track progress and escalate when needed.
• Support control work (defining, assessing and testing controls) together with relevant teams, focusing on what is practical and effective.
• Create and review management reporting that highlights key risks, trends and next steps for your internal technology stakeholders.
• Collaborate across TRAO domains (Issue Management, Risk Processes & Governance, and Risk & Control Management) to ensure consistent ways of working.

The role is based in Helsinki, Gdynia or Warsaw. We follow hybrid model of working (60% onsite – up to 40% remote). 

Who you are

Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us.  

We are looking for someone who:

• At least +6 years of overall work experience
• At least 3-4 years of experience in (technology) risk, operational risk or (IT) audit
• Have strong experience in risk management (e.g., technology risk, operational risk, or IT audit) and be comfortable working at senior stakeholder level. Understanding of regulatory expectations related to ICT risk, outsourcing and operational resilience.
• Can adapt well to change (organisational changes and shifting risk priorities) and keep governance practical during transitions.
• Is proactive and independent, with clear ownership and reliable follow through on routine follow-ups as well as urgent topics.
• Can step back and focus on what helps the internal customer (our technology organisation), and explain trade offs clearly.
• Ability to work with senior stakeholders and produce clear, management-level material that turns complex technical risk topics into actionable insights.
• Have independent and proactive, with strong ownership of your area and a collaborative mindset.
• Is clear communicator with both technical and non-technical stakeholders; comfortable operating in a cross-border Nordic and Polish environment.
• Is structured and pragmatic: know when to challenge and when to support. Someone who can be self-driven even if the task is routine oriented.

It would be beneficial if you know/have:

• Relevant certifications such as CRISC, CISA or CISM are an advantage.
• Comfortable working with data and risk tooling; interest in automation, analytics and AI-enabled ways of working
• Understanding of modern technology landscapes (applications, platforms, cloud services, integrations and DevOps-based delivery).
• Familiarity with recognised frameworks and standards such as COBIT, ITIL and/or ISO 27001/27002
• Should have interest in AI and how it affects risk and controls; experience using AI in everyday work is a plus. A background in digital technology from the business side and willingness to share that knowledge with the team is also beneficial.
• AI tools used in daily work (where approved) for drafting, analysis and summarising

What we offer 

People come here when they want to get somewhere. For some, it’s to take their career to the next level. People are driven by many different factors. For some, it’s to take their career to the next level. For others, it’s to break new ground within their area of expertise – in other words, with us, you will always move forward.

A culture that fosters performance and growth in one of the largest Nordic banks, offering various opportunities to evolve, develop and learn from brilliant colleagues with diverse backgrounds in a vibrant working environment.

Hybrid working model – we believe in the value of bringing people together and at the same time we embrace the freedom of flexibility. 

Diversity and inclusion are a natural part of our daily work. We know that an inclusive workplace is a sustainable one. We genuinely believe that our diverse backgrounds, experiences, characteristics and traits make us stronger together. Every day we strive to find new ways to improve diversity and inclusion within our community e.g. we have signed the European Diversity Charters in the countries where we operate to show our commitment and engage with others to continue learning and improving.

If this sounds like you, get in touch!

Next steps 

Submit your application (in PDF format in English) no later than 12/06/2026. For more information, you’re welcome to contact hiring leader Anne Saarnio at anne.saarnio@nordea.com. Please note that we will proceed with potential candidates already during the application period.

Shortlisted candidates will be invited to a call with the hiring leader. If you have any questions about recruitment steps you may contact our recruiter Sanna Frisk at sanna.frisk@nordea.com. This role is open for internal Nordea employees and advertised only internally. 

We enable dreams and aspirations for a greater good.

We build relationships. We add a personal touch to everything we do – when advising our customers, collaborating with colleagues, and meeting our potential candidates.

We learn and develop. We take pride in being experts and thinking ahead. We use our expertise to meet our customers’ needs, from the simplest to the most complex. We bring a growth mindset to our work that enables us to focus on a broader perspective in our daily challenges.

We lead change. We are responsible and aware of the impact of our decisions, both for our customers and for our local and global communities. Mindful of our responsibility towards current and future generations, we have made sustainability an integrated part of our business strategy.

We are Nordea. We have a 200-year history of supporting and growing the Nordic economies and our values are deeply rooted in these open, progressive and collaborative societies. As one of the biggest employers in the Nordics, Poland and Estonia, you have excellent opportunities to evolve, develop and move forward with us.

Only for candidates in Finland: A security clearance will be performed for the person selected for this position.

Only for candidates in Poland: Please include permit for processing personal data in CV as following:

In accordance with art. 6 (1) a and b. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have: my personal data, education and employment history proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp.

The administrator of your personal data is: Nordea Bank Abp operating in Poland through its Branch, address: Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing personal data is necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at: https://www.nordea.com/en/doc/nordea-privacy-policy-for-applicants.pdf

We reserve the right to reply only to selected applications.