Expert - Cyber Security Strategy and Design

Job ID: 23148 

Welcome to Nordea Cyber Security! In an environment of marketplace changes and constant emerging threats, our team of experts work towards providing trusted technology environments for Nordea, while ensuring our security commitments are fulfilled.

Are you our new Expert in Cyber Security Strategy and Design? 

We are looking for a specialist with hands-on experience across multiple cyber security domains and technologies to join our newly established Strategy and Design team within our Cyber Security organization. If you are passionate about cyber security technologies and concepts such as zero trust, cloud, DevSecOps, AI and automation. There is opportunity for you to contribute and grow within a team of professionals.

Velocity of change is increasing, this role will help bridge the gap between technology, cyber security, and risk through new concept exploration and having a firm grasp of what is coming.

About this opportunity 

You will be a part of a growing team operating as the visionary force shaping Nordea's cyber security strategy going forward. Your aim is to translate high-level vision into practical reality across Nordea's technology teams, providing guidance on desired solutions and ensuring alignment with the anticipated future outlook. Your profile represents a wide skillset covering people, processes, and technology. 

You should have knowledge and experience in one or more of the following areas

• Deep technical knowledge for assessing risks across multiple cyber security domains to assist teams with their ongoing projects, from a technical perspective.
• Identification, assessment, and implementation of technical security controls based on best practice frameworks and regulatory requirements
• Embracing strategic cyber security concepts, like Zero Trust, from initial analysis to establishing the implementation of development project(s) 
• Solid knowledge of cyber security aspects and technical capabilities relating to networks, cloud, applications, and endpoints
• Architectural principles, standards, and reference architectures
• Understanding of secure software development lifecycle and agile principles
• Implementing or integrating solutions such as IAM, M365, or XDR. However, rather than specific technology experience, we are looking for the right mindset of evaluating technology solutions, understanding their capabilities and shortcomings, and establishing their fit into the current architectural blend.

What you will be doing

• Assume the role as a cyber security expert in technology projects and other initiatives, steering them towards our Zero Trust vision, and ensuring appropriate security controls are in place from the outset.
• Shaping the strategic cyber dialogue to meet short and midterm targets by articulating priorities and guiding execution, considering proactive foresight between creation of new cyber capabilities and streamlining current cyber capabilities. 
• Bridging the gap between implementation and security requirements, utilizing your developer minded approach. Technical deployments will depend upon your assessment and input.
• Participating in development, design, and implementation of compliant cyber security controls for solutions in infrastructure, operations, and application areas 
• Participating in design and development of cyber security reference architectures and anticipate required cyber security capabilities to adapt with the evolving threat landscape.
• You will join a vibrant and dynamic team with great opportunities for continuous professional growth. We support each other to be better and raise the bar. 

Who you are 

Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us. 

To succeed in this role, we believe that you have:

• Solid knowledge and documented experience within cyber security areas (network/information security certifications will be an advantage) 
• Experience of working in a regulated industry 
• Experience of working with standard cyber security frameworks like NIST, ISO or CIS 
• Experience from operational, design and architecture roles 
• Experience in managing technology risks 
• Experience in full stack development, infrastructure as code, and pipeline management is a plus.
• Ability to communicate technical ideas to non-technical individuals 
• Ability to gather information from various sources and see the bigger picture 
• Ability to work with multiple topics simultaneously 
• Self-driven individual with a “can-do” attitude and superb communication skills 
• Fluent business and technical English are a necessity (both written and spoken) 

If this sounds like you, get in touch!

Next steps

Timeline and process:

Welcome to apply by submitting your application no later than 07/04/2024. Please be informed that applications will be reviewed continuously and interviews might also be booked during this time. 

Kindly also note that a background check will be conducted.

Location:

The role is based in Helsinki or Stockholm. Occasionally you might travel to meet up with other team members. In Nordea we also have a hybrid working model allowing an option of partial remote work.

For more information, you are welcome to contact hiring leader Timo Valonen, Head of Cyber Security Strategy and Design, at timo.valonen@nordea.com. 

At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving our customers and communities. So please come as you are.

Only for candidates in Sweden: For union information, please contact finansforbundet@nordea.se or SACONordea@nordea.com.

#Full-time