Chief / Senior / Business Risk Manager for Group Data Privacy Office (GDPO)

Job ID: 28082 

Would you like to be part of a result-oriented, fast paced team of data privacy experts, building a strong risk management culture at the Nordics’ biggest bank? We are looking for Business Risk Managers to join the Group Data Privacy Office who supports Nordea to manage its data privacy risks. 

At Nordea, we see that the world is changing fast – and we want to be one step ahead of the curve. That’s why we’re deeply committed to providing the financial solutions of tomorrow to our customers. We’re creating an agile environment where we experiment and grow together – and we need your ideas and unique background. With us, you’ll be in good company with a chance to make your mark on something bigger. 

About this opportunity
 

You will join the Group Data Privacy Office, a newly established team in Group Business Support (GBS). The Group Data Privacy Office is a global centralised risk management unit and serves as a centre of excellence for Data Privacy in the first line of defence of Nordea. The team is responsible for driving optimisation of the Group’s data privacy risk framework, governance and operational processes to support Nordea’s Business Areas and Group Functions to safeguard personal data, comply with legal requirements and minimise risks. The team acts as one point of entry for Data Privacy related topics in the Group.

What you’ll be doing:

• Act as a data privacy and regulatory expert interacting with stakeholders across Nordea’s cross-border organisation
• Identify and assess data privacy risks and provide practical advice to manage and mitigate data privacy risks arising from new products, changes in technology and business operations, and regulations 
• Design, manage and advise on the implementation of data privacy risk management processes and controls
• Develop and implement the Group’s Data Privacy policy framework and governance, translating legal requirements into guidelines and procedures 
• Monitor and report risks for management, in line with Nordea’s risk appetite
• Build strong stakeholder relationships across the lines of defence
• Driving data privacy awareness and training across the Group
• Supporting other activities that may arise (regulatory interactions, management information reporting, projects)
   

  The role is based in Helsinki; Copenhagen; Oslo; Stockholm; Warszawa.

Who you are

Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us.  

To succeed in this role, we believe that you:

• Thrive in a fast-paced environment, and are able to manage and prioritise complex tasks simultaneously
• Are pro-active, and have the ability to work independently, in a structured way
• Are collaborative with an ability to present, facilitate and influence
• Excellent stakeholder management and communication skills
• Strong  analytical and reporting skills 
• English spoken (Professional level) and English written (Professional level)
   

Your experience and background: 

• Subject matter expert with knowledge and experience in data protection and privacy laws
• Experience in privacy operational processes 
• Previous risk management experience
• Relevant university degree
• Experience of working in complex organisations is desirable

If this sounds like you, get in touch!

Next steps

Submit your application no later than 12/02/2025. 

At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.

Please be aware that any applications or CVs coming through email or direct messages will not be accepted or considered. 

For Swedish candidates only: For union information, please contact finansforbundet@nordea.se or SACONordea@nordea.com.

For Polish candidates only: Please include permit for processing personal data in CV as following:

In accordance with art. 6 (1) a and b. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have: my personal data, education and employment history proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp.

The administrator of your personal data is: Nordea Bank Abp operating in Poland through its Branch, address: Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing personal data is necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at: https://www.nordea.com/en/doc/nordea-privacy-policy-for-applicants.pdf.

We reserve the right to reply only to selected applications.