(Senior) IT Security Specialist - Security Findings Governance
Warszawa, PL, 02-460
Nordea
Nordea is a leading Nordic universal bank – we are a strong and personal financial partner with financial solutions that best meet your needs so you can achieve your goals and realise your dreams.Job ID: 27918
Would you like to become the pillar of Security Findings Governance Program in Nordea? We are looking for a true driver who will enable the execution of findings remediation and strive to enhance security posture of Nordea!
About this opportunity
Welcome to Cyber Security Governance Team. We add value by proactively de-risking the bank through enhancing findings remediation endeavours via using innovative capabilities to be fit for the constantly evolving threat landscape.
What you’ll be doing:
- Identifying remediation gaps and driving towards their resolution
- Advising stakeholders on the available solutions and actions that must be undertaken
- Analysing scanning results to define concrete steps directed at de-risking the bank
- Collaborating with remediation accountable and responsible stakeholders
- Ensuring security findings are understood and remediation pace is adequate
You’ll join a team of passionate professionals in IT Security area. The role is based in Gdynia, Warsaw or Łódź.
Who you are
Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us.
To succeed in this role, we believe that you:
- Demonstrate a high degree of structure, flexibility, planning and prioritization skills, and deliver timely service consistently
- Are comfortable with stakeholder management and can explain technical findings to both technical & non-technical stakeholders
- Are eager to work along with IT teams to ensure remediation management quality
- Are self-driven individual with high focus on resolving issues if they arise, able to gather information from different sources
Your experience and background:
- Very good understanding of security domains, especially security findings assessment and remediation areas, supported by at least 1-2 years of experience
- Governance knowledge, proven by experience in at least one of the security findings fields: vulnerabilities on workstations and/or servers, vulnerabilities on containers, SAST, security baseline deviations (policy compliance)
- Knowledge and experience within the fields of DAST, threat modelling, problem management, Secure DevOps, DORA, OWASP is considered an advantage
- Advanced trouble-shooting and conceptual skills with the ability to come up with solutions to uncommon problems related to remediation actions
- Knowledge of tools & methodologies for security findings assessment and enrichment would be an asset
- Ability to interpret results using a variety of techniques, ranging from simple exploratory data analysis to statistical modelling would be an asset
- Good understanding of risk based approach and risk management
- Experience in cross-organizational collaboration/negotiation
- Fluent business and technical English is a must (both written and spoken)
Main benefits of working at Nordea Poland:
- Reasonable workload and Nordic work atmosphere
- Development opportunities - you will have access to e-learning platforms like Udemy and O'Reilly, plus have a chance to take part in conferences across Poland and Europe
- Hybrid work model to have a chance to integrate with the Team, there is a high flexibility
- Cafeteria platform
- Pension program (PPE): Nordea pays extra 3,5% of your salary gross monthly to a dedicated pension account
- Profit-sharing program
- Recommendation program if you find a colleague that joins Nordea, and much more...
If this sounds like you, get in touch!
Next steps
At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.
Please include permit for processing personal data in CV as following:
In accordance with art. 6 (1) a and b. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have: my personal data, education and employment history proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp.
The administrator of your personal data is: Nordea Bank Abp operating in Poland through its Branch, address: Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing personal data is necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at: nordea.com/en/doc/nordea-privacy-policy-for-applicants.pdf
We reserve the right to reply only to selected applications.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Compliance DAST DevOps GDPR Governance OWASP Privacy Risk management SAST Vulnerabilities
Perks/benefits: Career development Conferences
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.