IT Security Expert, Data Privacy and Protection
Would you like to take part in interesting projects and acivities from IT Security world? We are now looking for a IT Security Expert, Data Privacy and Protection to develop and drive IT Security compentce in the field of data privacy and protection.
In Nordea, we’re harnessing the power of technology to reinvent the future of banking. A tech revolution is underway – and you can make an impact. Though we’re a Nordic bank, we’re also one of the largest IT employers in Tricity and Warsaw. Working with international teams in an inspiring working environment, you’ll have lots of opportunities to expand your skills and advance your career.
About this opportunity
Welcome to the Data Protection and Encryption Centre team. We add value by derisking and protecting the Bank and our costomers. As IT Security Expert, Data Privacy and Protection. As IT Security Expert, Data Privacy and Protection, Warsaw or Gdynia you’ll play a valuable role in providing the insights into legal and regulatory changes in banking environment that could impact business and/or security performance.
What you’ll be doing:
- Monitor legal and regulatory changes in banking environment that could impact business and/or security performance. Ensure that all data protection controls are updated, relevant and agreed with Audit and 2nd line of defense.
- Research, evaluate and recommend update to new & existing policies and procedures to ensure data protection measures are in line with regulatory compliance.
- Manage the process of gathering, analyzing and assessing the current and future data protection landscape, as well as providing the senior management with a realistic overview of risks and threats in the enterprise environment.
- Build strong relationships across the enterprise (with Business, Data Privacy Office, Legal, Risk and Compliance units) to enable a good understanding and close alignment with business needs, direction, business identified risks in relation to handling and protection of data.
- Recommend, review and coordinate the implementation of technical data protection controls to support and enforce defined security policies.
- Manage and coordinate lessons learned and process improvements coming from policy violation events, incident management cases, including detection, response and reporting.
- Monitor and report on compliance with security policies, as well as the enforcement of policies across the bank.
- Act as main contact point for core stakeholders in relation to Cybersecurity Data Protection topics.
The role is based in Gdynia; Warsaw.
Who you are
Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us.
To succeed in this role, we believe that you have:
- Excellent communicator able to reduce complex ideas to simple terms and express these both to non-technical and highly technical audiences.
Planning & Organization skills
- Experience of planning, prioritizing and organizing the work of yourself and others, delivering to tight deadlines whilst ensuring the effective use of resources.
Your experience and background:
- Proven track record in Data Protection and/ or Information Security role including experience and knowledge of Information Security practices oriented on Data Security in banking environment.
- Excellent knowledge of Banking regulations related to Data Protection, e.g. Payment Card Industry Data Security Standards (PCI DSS), Data Protection Act, General Data Protection Regulations (GDPR), MIFID II and other relevant regulations being subject of audit from institutions such as European Central Bank and, FSA, other EU/ US Financial Authorities and Banks.
- Excellent knowledge and understanding of Data Leakage risk concepts and principles as means of addressing business needs and design of appropriate security measures.
- Excellent understanding of Data& Information Security regulations and standards, industry best practices and strategies.
- Experience in working in regulated environment and Cooperation with DPO, Legal, Risk& Compliance and business units in the universal bank.
- Knowledge of Data Leakage Prevention and Database Activity Monitoring capabilities will be an asset.
If this sounds like you, get in touch!
Submit your application no later than 31/12/2021. For more information, you’re welcome to contact Pawel Weiczorek (firstname.lastname@example.org)
At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.
Please include permit for processing personal data in CV as following:
In accordance with art. 6 (1) a and b. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have: my personal data, education and employment history proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp.
The administrator of your personal data is: Nordea Bank Abp operating in Poland through its Branch, address: Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing personal data is necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at: privacy-policy.2021.pdf (nordea.com)
We reserve the right to reply only to selected applications.