Senior Cyber Defence Analyst

Stockholm, SE, 111 46 Helsinki, FI, 200

Job ID: 20362 


The Cyber Defence Centre Engineering team is looking for a Senior Cyber Defence Analyst. The role is focused on enterprise-wide intelligence activities specifically defining and providing early warnings of advanced cyber threats targeting the Bank. In addition this role will act as the program Analyst for deception technologies intended to distract, slow down and trap threats.


This individual will help the organization understand internal and external threats in network systems and enrich investigations. Use your experience to define, develop and implement trap mechanisms. Build with automation and incident orchestration in mind.


We add value by improving and verifying the effectiveness of Nordea´s security posture. As a Defensive Practice Analyst you will play a critical role in ensuring that incident responders gain a competitive edge on looming attacks and that fog of war is deployed to slow down ongoing anomaly activity. The individual will have opportunity to influence on security strategy and tactical decision making.


What you’ll be doing:

  • Define, develop and provide early warning detection systems,
  • Collaborate and share knowledge with incident responders,
  • Define and provide deception technologies using trap concepts traps for example low/high-interaction honeypots of different nature,
  • Conduct strategic analysis of cyber security threats
  • Interface with external security researches and establish collaboration
  • Provide strategic input and advice to the Head of Cyber Defence Centre.


To succeed in this role, we believe that you have:

  • Solid knowledge and experience within Cyber Security area (detection and prevention),
  • Practical experience in defining, developing and providing early warning detection systems,
  • Understanding of attacker techniques to improve Nordea´s security posture.


Your experience and background:

  • Knowledge and experience with some of security technologies such as SIEM, SOAR, EDR, threat intelligence platforms, deception technology,
  • Technical knowledge and practical abilities in working with operating systems, networks, databases etc.,
  • Intermediate ability with coding in Python in combination with Ansible and Terraform,
  • Keen interest in technology and cyber security in order to see the wider context of things,
  • Solid problem solving and analytical skills,
  • Excellent command of business and technical English is a must (both written and spoken),
  • Having security certification such as CISM, CISSP, OSCP, CEH or GIAC security certificate with focus on detection and response area is valuable.


If this sounds like you, get in touch!


Next steps

Submit your application no later than 08/07/2024

At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.


Only for candidates in Sweden: For union information, please contact or



Department:  IT/Technology