Security Officer

Job ID: 24104 

Would you like to play a key role in ensuring that Nordea is protected against cyber threats? We are now looking for a junior person with strong interest in information security and in security risk management. You will become a member of Group Security Risk team, which is part of the Chief Security Office (CSO).

At Nordea, we’re committed to being a trusted partner for our customers and society. Joining us means you’ll have the opportunity to make a significant impact on how we manage information security risks within the Nordea Group.

So bring your skills, ideas and unique background. With us, you’ll find plenty of opportunities to collaborate, grow and make your mark on something bigger. 

About this opportunity

Welcome to the Group Security Risk team within the CSO. The CSO is part of Group Risk in 2nd Line of Defence (LoD) who provides oversight on information security of the Group.

We add value to Nordea and to our customers by managing the information security risks and enabling managers and employees in protecting the confidentiality, integrity and availability of information. We do that in strong collaboration with Business Areas and Group Functions.

The mission of the SO is to:

• Work in adherence to the strategic direction on Information Security of the Group. Help build upon the development of the risk landscape, regulatory changes, the business strategy, the risk appetite, internal, external and regulatory findings and results from benchmarking assessments.

• Support the inprovement of transparency on cyber risks and maturity of Nordea’s cyber defence capabilities. Build upon international standards (e.g. ISO standards) and best practices where possible.
• Further improve Nordea’s cyber defence capabilities to defend against e.g. Organised Crime and Advance Persistence Threat.
• Keep Nordea compliant with regulatory requirements.

You will play a valuable role in assessing, monitoring the Group information security risk and contribute to information value in Group reporting providing senior management with relevant and accurate risk information to keep Nordea within risk appetite. You will safeguard Nordea to make it the safe and trusted partner of our customers.

What you’ll be doing:

• Performing testing work on key information security areas to provide assurance that risks are managed according to Nordea’s risk appetite
• Advising the 1st LoD on all aspects of information security risks to maintain, develop and improve a sound and effective risk culture
• Participating in development of information security risk-management practices and follow applicable regulations (e.g. EBA, FSA, EU guidelines etc.) to provide professional advice to stakeholders
• Monitoring threat landscape, key risk indicators and key controls to ensure that changes in the risk picture are captured and reported timely
• Proactively monitoring, evaluating, challenging and reporting on information security risk management activities of the 1st LoD

You will join a team of highly skilled, dedicated and experienced information security risk professionals. In this role, you will have a chance to interact with key stakeholders across the bank and gain a broad network. This position is based in Finland, Sweden or Denmark.

Who you are

Collaboration. Ownership. Passion. Courage and Curiousity. These are the values that guide us in being at our best – and that we would like you to share with us.  

To succeed in this role, we believe that you:

• Have experience in information security and/or risk management processes including industry standards and practices (e.g. ISO27001/27002/27005 etc.)
• Are a proactive, independent and pragmatic team-player with a solution oriented mindset
• Are structured, analytical and have a high ability to provide timely and accurate reporting
• Are able to focus on information value and make complex data available for a non-technical audience
• Can manage complex stakeholder relationships
• Communicate and collaborate on information security matters with colleagues across all three-lines-of-defence

Your experience and back ground:  

• Identification, assessing, monitoring and reporting on information security risks
• Practical experience using information security standards
• Data analysis capabilities to transform data into understandable reports
• Experience within the banking industry or other regulated industry
• Superior English spoken & written skills
• One or more of the following qualifications would be an advantage: CISA, CRISC, CISM, CISSP or similar

If this sounds like you, get in touch!

Next steps

Submit your application no later than 09/06/2024. We will review applicants as they arrive. For more information, you’re welcome to contact Head of Security Risk, Pia Strehmel at pia.strehmel@nordea.com. 

At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.

Please be aware that any applications or CVs coming through email or direct messages will not be accepted or considered. We reserve the right to reply only to selected applications. 

Only for candidates in Sweden: For union information, please contact finansforbundet@nordea.se or SACONordea@nordea.com.