Security Officer
Helsinki, FI, 500
Nordea
Nordea is a leading Nordic universal bank – we are a strong and personal financial partner with financial solutions that best meet your needs so you can achieve your goals and realise your dreams.Job ID: 24104
Would you like to play a key role in ensuring that Nordea is protected against cyber threats? We are now looking for a junior person with strong interest in information security and in security risk management. You will become a member of Group Security Risk team, which is part of the Chief Security Office (CSO).
At Nordea, we’re committed to being a trusted partner for our customers and society. Joining us means you’ll have the opportunity to make a significant impact on how we manage information security risks within the Nordea Group.
So bring your skills, ideas and unique background. With us, you’ll find plenty of opportunities to collaborate, grow and make your mark on something bigger.
About this opportunity
Welcome to the Group Security Risk team within the CSO. The CSO is part of Group Risk in 2nd Line of Defence (LoD) who provides oversight on information security of the Group.
We add value to Nordea and to our customers by managing the information security risks and enabling managers and employees in protecting the confidentiality, integrity and availability of information. We do that in strong collaboration with Business Areas and Group Functions.
The mission of the SO is to:
- Work in adherence to the strategic direction on Information Security of the Group. Help build upon the development of the risk landscape, regulatory changes, the business strategy, the risk appetite, internal, external and regulatory findings and results from benchmarking assessments.
- Support the inprovement of transparency on cyber risks and maturity of Nordea’s cyber defence capabilities. Build upon international standards (e.g. ISO standards) and best practices where possible.
- Further improve Nordea’s cyber defence capabilities to defend against e.g. Organised Crime and Advance Persistence Threat.
- Keep Nordea compliant with regulatory requirements.
You will play a valuable role in assessing, monitoring the Group information security risk and contribute to information value in Group reporting providing senior management with relevant and accurate risk information to keep Nordea within risk appetite. You will safeguard Nordea to make it the safe and trusted partner of our customers.
What you’ll be doing:
- Performing testing work on key information security areas to provide assurance that risks are managed according to Nordea’s risk appetite
- Advising the 1st LoD on all aspects of information security risks to maintain, develop and improve a sound and effective risk culture
- Participating in development of information security risk-management practices and follow applicable regulations (e.g. EBA, FSA, EU guidelines etc.) to provide professional advice to stakeholders
- Monitoring threat landscape, key risk indicators and key controls to ensure that changes in the risk picture are captured and reported timely
- Proactively monitoring, evaluating, challenging and reporting on information security risk management activities of the 1st LoD
You will join a team of highly skilled, dedicated and experienced information security risk professionals. In this role, you will have a chance to interact with key stakeholders across the bank and gain a broad network. This position is based in Finland, Sweden or Denmark.
Who you are
Collaboration. Ownership. Passion. Courage and Curiousity. These are the values that guide us in being at our best – and that we would like you to share with us.
To succeed in this role, we believe that you:
- Have experience in information security and/or risk management processes including industry standards and practices (e.g. ISO27001/27002/27005 etc.)
- Are a proactive, independent and pragmatic team-player with a solution oriented mindset
- Are structured, analytical and have a high ability to provide timely and accurate reporting
- Are able to focus on information value and make complex data available for a non-technical audience
- Can manage complex stakeholder relationships
- Communicate and collaborate on information security matters with colleagues across all three-lines-of-defence
Your experience and back ground:
- Identification, assessing, monitoring and reporting on information security risks
- Practical experience using information security standards
- Data analysis capabilities to transform data into understandable reports
- Experience within the banking industry or other regulated industry
- Superior English spoken & written skills
- One or more of the following qualifications would be an advantage: CISA, CRISC, CISM, CISSP or similar
If this sounds like you, get in touch!
Next steps
Submit your application no later than 09/06/2024. We will review applicants as they arrive. For more information, you’re welcome to contact Head of Security Risk, Pia Strehmel at pia.strehmel@nordea.com.
At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.
Please be aware that any applications or CVs coming through email or direct messages will not be accepted or considered. We reserve the right to reply only to selected applications.
Only for candidates in Sweden: For union information, please contact finansforbundet@nordea.se or SACONordea@nordea.com.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Banking CISA CISM CISSP CRISC ISO 27001 Monitoring Risk management Strategy
Perks/benefits: Career development Transparency
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Officer jobs
- Open Senior Product Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Editor jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Engineer jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs