Role Overview
- Conducting information security risk assessments covering SEB’s information assets, business processes, technology services, and third-party providers
- Supporting and challenging business and technology teams in identifying security risks and implementing appropriate mitigation measures
- Assessing compliance with information security policies, standards, and applicable requirements, including DORA, ISO 27001, PCI DSS, and NIS2
- Supporting the maintenance and continuous improvement of the Information Security Management System (ISMS), including relevant policies, standards, procedures, and guidelines
- Supporting internal and external audits, regulatory inspections, compliance reviews, and security assurance activities.
- Tracking security risks, control deficiencies, findings, and remediation activities, and reporting them to relevant stakeholders and governance forums
- Contributing to security governance and culture through risk reporting, management metrics, Key Risk Indicators (KRIs), awareness activities, and training
Requirements
- At least two years of experience in information security, cybersecurity, risk management, compliance, IT audit, or a related field
- A good understanding of information security principles, control frameworks, risk management methodologies, and industry practices
- Experience conducting security risk assessments, compliance assessments, audits, or other security assurance activities.
- The ability to identify and assess cybersecurity risks, recommend appropriate mitigation measures, and explain their business impact to senior stakeholders
- Experience working with regulatory and legal requirements
- Strong communication and collaboration skills, combined with the ability to work independently and take initiative in driving improvements
- Fluency in English and at least one Baltic language: Latvian, Lithuanian, or Estonian. English is needed in collaboration with colleagues across the Baltics and internal documentation
Experience with third-party risk management, supplier security assessments, or outsourcing governance will be considered an advantage. Relevant professional information security certifications will also be beneficial.
Tech Stack
Benefits
- Meaningful, challenging work in a highly skilled international team
- Hybrid work flexibility and a supportive, inclusive culture with modern, ergonomic workspaces
- Strong learning culture with dedicated learning time, SEB Campus, and access to global learning platforms
- Competitive benefits including health insurance, extra vacation days, profit-sharing, and pension contributions
- A wellbeing-focused environment with employee events, mental health support, and other benefits