(Senior) IT Security Expert with a strong background from IT, for Nordea’s Chief Security Office, any of the Nordic countries.
Would you like to play a key role in ensuring that Nordea is protected against IT security threats? We are now looking for Security Experts with a passion for tech combined with the regulatory area to our technology security governance activities.
At Nordea, we’re committed to being a partner our customers and society can count on. Compliance and integrity go hand in hand. Joining us means you’ll have an impact on how we do banking – today and tomorrow. So, bring your ideas, skills and unique background. With us, you’ll be in good company with plenty of opportunities to collaborate, grow and make your mark on something bigger.
About this opportunity
Welcome to the Technology Security Oversight. As a member of the Nordea security team working within Nordea Group Risk and Compliance in second line of defense. We are overall responsible for security monitoring, control and reporting and that Nordea has an effective security governance and management process in place.
We add value to Nordea and to our customers by managing the information security risks and enabling managers and employees to act correctly in protecting the confidentiality, integrity and availability of information. We do that in strong collaboration with business areas and Group functions. The unit supports the entire Nordea Group.
Our mission is to:
- Build upon the development of the risk landscape, regulatory changes, the business strategy, the risk appetite, internal, external and regulatory findings, results from benchmarking assessments (such as the PwC NIST assessment) and considers the ongoing implementation of earlier security objectives
- Improve transparency on cyber risks and maturity of Nordea’s cyber defence capabilities. Build up on international standards and best practices where possible;
- Further improve Nordea’s cyber defence capabilities to drive the risk of Organised Crime Advanced Persistence Threat below “Critical”; and
- Keep Nordea compliant with regulatory requirements.
You will play a valuable role in driving and implementing strong and advanced governance of security technology, e.g.. in governance of vulnerability management, patch management and penetration testing.
You will be part of a team of highly skilled colleagues and work very closely with business line and colleagues.
What you’ll be doing:
- Provide oversight of first line security posture
- Challenge and proactively advice the first line on security processes, regulatory compliance, and control appropriateness
- Define and demonstrate prudent application and infrastructure security oversight
- Define, monitor and measure security controls embedded in our SDLC (Software Development Life Cycle)
The role can be based in Copenhagen, Stockholm, Oslo or Helsiniki.
Who you are
Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us.
To succeed in this role, we believe that you;
- Possess the capability of transforming IT security and the regulatory requirements into operational processes, and ensure the implementation of IT security controls
- Have a sound, competent and fine-tuned security risk judgement and ability to bridge the technical with the regulatory requirements
- Have a passion/interest for tech security combined with understanding of regulatory requirements
- Hold integrity and trust as your core values and have excellent collaboration and stakeholder management skills
- Demonstrate structured thinking and be comfortable working with complex assignments
- Are proactive, independent, pragmatic and solution oriented
- Strong presentation skills and the ability to produce management oversight and reporting
Your experience and background:
- Proven track record within technology security
- Have a background within IT compliance or security, with solid experience of infrastructure processes and regulatory compliance
- You have superior English spoken and written skills, and the following qualifications are well regarded
- Relevant Bachelor or Master Degree in a technical subject
- Relevant security qualifications such as CRISC, CISM, CISSP
If this sounds like you, get in touch!
Submit your application no later than 10 August 2020.
At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.
We are the largest financial services group in the Nordic region and one of the biggest banks in Europe. Our employees add value to our customers and society by sharing a wide range of competencies within finance, tech, business, risk and compliance. Read more about us at nordea.com