Security testing specialist

Would you like to be a part of Quality Assurance community and improve the security testing awareness and knowledge in development initiatives?

We are now looking for an experienced security tester lead to drive and manage the security aspects within the Non-Functional Testing Center of Excellence (NFT CoE) at Nordea.

In Nordea, we’re harnessing the power of technology to reinvent the future of banking. A tech revolution is underway – and you can make an impact. Working with international teams in an inspiring working environment, you’ll have lots of opportunities to expand your skills and advance your career. 

Welcome to the international team of Quality Assurance. We add value by increasing production stability and cost efficiency while creating and deploying new solutions to our customers. As security test expert, you’ll play a valuable role in increasing the security of delivered solutions. What you will be doing:

• Enable the NFT CoE to grow in the area of security testing.
• Proactively drive improvements Nordea wide in the security testing area.
• Drive and solve security testing related challenges across global teams.
• Drive and define activities for security testing in the CI/CD pipeline.
• Drive and establish automation of security testing.
• Plan, execute, report and document security testing, employing the test methods static application testing (SAST) and dynamic application testing (DAST).
• Be SME in dialog with Vendor and secure the deliveries from a security testing perspective.

Stay updated on emerging security threats, vulnerabilities and security controls.

Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us.

To succeed in this role, we believe that you:

• Have several years of experience in security testing and analysis.
• Has strategic overview of testing processes and how security fits into the greater picture of the technology landscape.
• Have the ability to lead people towards common goals and objectives.
• Have a proactive, innovative and solution driven mindset. Are eager to learn and comfortable with delivering a variety of tasks in an evolving and changing environment.
• Demonstrates a high degree of structure, flexibility, planning and prioritization skills, and delivers in a timely manner, with focus on quality.
• Are hands-on with the technical aspects, as well as interested in the bigger architecture aspects of cyber security.

Your experience and background:

• Bachelor in Computer Science, Information Systems or related discipline, or equivalent work experience.
• Several years of experience in the security testing discipline, both static application security testing (SAST) and dynamic application testing (DAST).
• Experienced test manager, with hands-on experience in security test planning and execution, reporting and documentation.
• Adequate experience using Burp Suite, Wireshark, Kali Linux, nmap, security monitoring tools, etc.
• Good knowledge of at least one programming language (Java, C#, Python, JavaScript or similar).
• Well versed in network and web application security, as well as in secure coding and hardening.
• System Admin Level knowledge of Linux OS-s, especially security settings.
•  Up-to-date knowledge of security architecture, security technologies and audits.
• Good knowledge of OWASP testing framework, threat modelling and security trends.
• Knowledgeable in SDLC and CI/CD / DevOps toolchains.
• Fluent in English, spoken and written.
• ISTQB CTFL.
• Preferred:
  • To have a relevant security certification (e.g. CEH, CISSP, GCIA, GCIH and GCAC),
  • ISTQB CATE or CATM.

If this sounds like you, get in touch!

Submit your application no later than 30 April 2021. For more information, you're welcome to contact Annica Nylund annica.nylund@nordea.com

At Nordea, we know that an inclusive workplace is a sustainable workplace. We deeply believe that our diverse backgrounds, experiences, characteristics and traits make us better at serving customers and communities. So please come as you are.

Please include permit for processing personal data in CV as following:

In accordance with art. 6 (1) a and b. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have: my personal data, education and employment history proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp.

The administrator of your personal data is: Nordea Bank Abp operating in Poland through its Branch, address: Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing personal data is necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at: http://www.nordea.com/Images/33-355365/nordea-com-careers-job-pl-en.pdf

We reserve the right to reply only to selected applications.