Technology Risk Manager

As a (Senior) Technology Risk Manager you will join Technology Risk Advisory & Oversight (TRAO), a first‑line of defence function within Group Technology. TRAO strengthens technology risk governance by providing expert advisory, coordination and oversight across the organisation. You will support SA Digital Technology and SA Retail Products & Core Technology, working closely with senior stakeholders to shape practical technology risk governance that supports safe delivery and informed decision‑making.

• Partner with SA Retail Products & Core Technology leaders and risk owners to identify, assess and manage technology risks, and adjust plans when priorities or the risk landscape changes.
• Coordinate SA Digital Technology input to regulatory and internal assurance requests (e.g., ECB/local FSA enquiries, IT risk questionnaires and targeted reviews), ensuring quality and timely follow‑up.
• Run regular risk discussions and governance touchpoints, preparing clear inputs for decisions and documenting outcomes.
• Own end‑to‑end follow‑up of issues and actions: confirm ownership, improve documentation quality, track progress and, when necessary, escalates.
• Support control work (defining, assessing and testing controls) together with relevant teams, focusing on practical and effective solutions.
• Create and review management reporting that highlights key risks, trends and next steps for your internal technology stakeholders.
• Collaborate across TRAO domains (Issue Management, Risk Processes & Governance, and Risk & Control Management) to ensure consistent ways of working.

Collaboration, ownership, passion and courage are the values that guide us. We look for someone who brings these qualities and is motivated to learn and grow.

• Has several years of professional experience (typically 6+), with hands‑on exposure to technology risk, operational risk, IT audit or a closely related area.
• Understands risk management principles and is interested in deepening expertise in technology risk, ICT risk, outsourcing and operational resilience.
• Is comfortable working with senior stakeholders, supported by strong preparation, clarity and follow‑through.
• Adapts well to change and helps keep governance practical and proportionate during transitions.
• Takes ownership of topics from routine follow‑ups to urgent matters and can work independently while collaborating closely with others.
• Can step back and focus on what best supports the technology organisation, clearly explaining trade‑offs and priorities.
• Communicates clearly with both technical and non‑technical stakeholders in a cross‑border Nordic and Polish environment.
• Is structured and pragmatic: knows when to challenge, when to support, and enjoys turning complexity into clarity.

• Experience or interest in technology risk, IT audit, operational risk or internal controls.
• Familiarity with technology environments such as applications, platforms, cloud services, integrations or DevOps‑based delivery.
• Exposure to frameworks and standards such as COBIT, ITIL and ISO 27001/27002.
• Interest in data, automation, analytics or AI‑enabled ways of working, including using approved AI tools for analysis, drafting or summarising.
• Relevant certifications (or motivation to work toward them), such as CRISC, CISA or CISM.

The role is based in Helsinki, Gdynia or Warsaw. We follow a hybrid model of working (60 % onsite – up to 40 % remote).

We provide a supportive work environment that encourages continuous learning, offers a hybrid working model, and prioritises diversity and inclusion. Our culture fosters performance and growth within a large Nordic bank, giving you opportunities to advance your career and work on innovative initiatives.

Credit and Risk Management.