Lead Risk Expert

Would you like to help secure the bank in a technology and data driven world? We are now looking for a Lead Risk Expert to constructively challenge and proactively support on risk management practices, control appropriateness and regulatory compliance, as executed by the first line of defence on Technology and Data Governance and Management topics.

At Nordea, we're committed to being a partner our customers and society can count on. Compliance and integrity go hand in hand. Joining us means you'll have an impact on how we do banking – today and tomorrow. So bring your ideas, skills and unique background. With us, you'll be in good company with plenty of opportunities to collaborate, grow and make your mark on something bigger.

Welcome to the Operational Risk Technology and Data team. The Operational Risk Technology and Data team are the Technology and Data risk oversight team with the broader Group Operational Risk oversight second line of defence (2LoD) function. We add value by ensuring transparency on the highest risks and topical or thematic risks, and partner with the first line of defence (1LoD) to enable the business to reach and maintain a risk profile that is within risk appetite. The team supports Nordea by identifying, assessing and monitoring technology and data related risks and control gaps. Our role is to challenge and support Nordea's business in building well-controlled, secure business in a fast-changing environment.

As a Lead Risk Expert, you'll play a valuable role in influencing the first line of defence to manage technology and data related risks to risk appetite.

What you’ll be doing:

• Understand and have substantial experience in Technology and data risk and control processes, within the banking industry, at a senior expert level
• Be fully familiar with COSO, COBIT, ITIL, ISO 27000, NIST Cybersecurity and other ITSM and data risk management related industry frameworks
• Experience in driving decision making at senior management level by providing knowledge and insights for strategic decisions
• Understand the Data Governance, Data Management (including Data Quality Management) and Data risk profile of the bank, including key risks, control design and control performance
• Lead and ensure that adequate risk frameworks and processes are in place, risks are identified and analysed, well understood (including advising 1LoD on frameworks and risk management), monitored, controlled, mitigated and reported for Technology & Data risk management.
• Set direction, create purpose and lead change around own area of responsibility, ensuring understanding among others related to priorities, dependencies and consequences
• Expected to provide leadership in terms of representing the team toward key senior management stakeholders and forums
• Proactively educates/ train colleagues in relation to own area of responsibility
• Perform audit-like assurance reviews over data risks
• Monitor risk indicators and risk mitigation progress
• Constructively challenge and proactively support the first line on risk management practices, regulatory compliance, and control appropriateness
• Report to Management, on the highest risks, and topical or thematic risks and partner with the first line to enable the business to reach and maintain their risk appetite

You'll join a dynamic and talented team driving pragmatic and risk focused oversight services. The role can be based in Warsaw or Gdynia.

Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us.

To succeed in this role, we believe that you:

• Can independently anticipate and meet the Operational Risk Technology and Data Team, Group Operational Risk, and Group Risk and Compliance, Technology & Data risk control and monitoring expectations.
• A technical understanding of Data Governance, Data Management (including Data Quality Management) and Data risk profile related processes, technologies and industry practices
• Competent risk assessment and risk judgement, and ability to translate this to influence the first line's risk profile to meet risk appetite
• Working knowledge of the regulatory expectations regarding Technology and Data related risks at European and local Nordic country levels
• Deep expertise on BCBS 239 Risk Data Aggregation and Risk Reporting

Your experience and background:  

• Relevant Bachelor or Master's degree in a technical or business subjects
• Relevant technical qualifications (e.g. DAMA)
• Relevant IT risk qualifications such as CISA, CRISC, CISM or ITIL
• English spoken & written (Superior level)
• Flexible, open-minded and a strong cultural awareness
• Banking awareness and economics understanding (Superior level)
• Relevant broader financial industry/risk management certifications are desirable (e.g. CPA, CA, FRM, IRM)

If this sounds like you, get in touch!

Submit your application no later than 16 April 2021.

At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.

Please include permit for processing personal data in CV as following:

In accordance with art. 6 (1) a and b. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have: my personal data, education and employment history proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp.

The administrator of your personal data is: Nordea Bank Abp operating in Poland through its Branch, address: Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing personal data is necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at: http://www.nordea.com/Images/33-355365/nordea-com-careers-job-pl-en.pdf

We reserve the right to reply only to selected applications.