Cyber Defense Officer (Security Analyst or Security Incident Coordinator)
FinnairFinland10 hours ago
Full-timeEngineering, Information Technology
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Finnair is a diverse community of professionals who work ambitiously with a big heart and commitment. We cherish our strong safety culture, never taking it for granted, and courageously and determinedly keep sustainability at the core of our everyday work. We find meaning in our purpose: to enrich lives by bridging the world, and our identity and service mindset stems from our iconic brand’s Nordic heritage. Our values – Commitment to care, Working Together, Simplicity and Courage – guide us in everything we do.
We are now looking for a
CYBER DEFENSE OFFICER
to join Finnair’s Cyber Unit within Digital. At Finnair, safety and trust are at the heart of everything we do. To strengthen our defensive cyber capabilities, we are looking for either a Security Analyst or Security Incident Coordinator.
Both roles are distinct roles within the Cyber Unit, and we are looking to eventually fill both positions - so do not worry about work spilling over from one role to another. In your application, kindly indicate which role you would be primarily interested in.
As a Security Analyst, you’ll be working in a close collaboration with our Security Operations Center (SOC), rest of the cyber unit and business stakeholders to triage, investigate, contain and remediate security incidents and other cybersecurity-related deviations.
In addition to the operational work, you would be developing the cyber defense capabilities forward together with rest of the cyber unit, and other stakeholders throughout Finnair.
When working in this role, a typical day could consist of some of the following activities:
Frequently collaborating with a wide range of stakeholders, both technical and non-technical, is expected in this role. While certain level of seniority is essential to succeed in this role, it also offers a great opportunity for someone ready to deepen their expertise and take the next step in their technical career.
As a Security Incident Coordinator, you’ll coordinate security incident response, manage external and internal stakeholders, and ensure day-to-day cybersecurity operations run smoothly. During major incidents, you’ll lead response efforts, assess impact, and guide resolution activities.
Typical Tasks Include
Strong social and communication skills are essential, you’ll be working closely with diverse teams and partners, often under pressure. You should be confident, collaborative, and able to communicate clearly across all levels.
Working at Finnair:
We offer you an exciting opportunity to work in the fast-changing aviation and international travel industry in a culture that drives and enables professional development and continuous improvement. You will be supported by internally highly rated supervisory work with modern leadership practices that we constantly develop.
We are happy to enable our employees to enrich their lives and fulfill their travel dreams by offering a wide leisure travel benefit. We also support the health and wellbeing of our employees through our own Sickness Fund insurance benefit, Epassi (sport, culture, wellbeing or commuting benefit), gyms around the Finnair campus and activities organized by our hobby clubs.
If you are up for the challenge and excited to work in the world of aviation and travel, submit your application with your CV, cover letter and salary expectation no later than Sunday, 16 November 2025.
Please note that the hiring process includes a pre-employment security clearance and a drug test.
For more information, please don’t hesitate to contact Joonas Forsberg (Cyber Architecture Lead) by email [email protected].
Please note that we do not process applications submitted via email.
Our people are key to our success and the foundation that makes Finnair unique. We are committed to creating a safe work environment where all our people can thrive and succeed. We cherish diversity and strive to employ people with different backgrounds and experiences, to bring together multiple views to foster our business success. According to our employee survey, respecting diversity is at a high level in our work community. You are welcome to join Finnair as your authentic self.
We are now looking for a
CYBER DEFENSE OFFICER
to join Finnair’s Cyber Unit within Digital. At Finnair, safety and trust are at the heart of everything we do. To strengthen our defensive cyber capabilities, we are looking for either a Security Analyst or Security Incident Coordinator.
Both roles are distinct roles within the Cyber Unit, and we are looking to eventually fill both positions - so do not worry about work spilling over from one role to another. In your application, kindly indicate which role you would be primarily interested in.
As a Security Analyst, you’ll be working in a close collaboration with our Security Operations Center (SOC), rest of the cyber unit and business stakeholders to triage, investigate, contain and remediate security incidents and other cybersecurity-related deviations.
In addition to the operational work, you would be developing the cyber defense capabilities forward together with rest of the cyber unit, and other stakeholders throughout Finnair.
When working in this role, a typical day could consist of some of the following activities:
- Performing in-depth investigation or response actions of security incidents reported by the SOC
- Performing triage, investigation or response actions of security incidents and other cybersecurity-related deviations reported by other stakeholders
- Developing the overall cyber defense capabilities, such as:
- creating new detection rules or fine-tuning existing ones
- creating new playbooks and enhancing existing processes
- configuring the cyber defense technologies
- Helping business stakeholders by translating business requirements, threats and other risks into actionable monitoring use-cases and playbooks.
- Digesting threat intelligence reports, creating threat hunting hypotheses based on them and executing the hunts together with the SOC.
- Contribute to various projects and other operational day-to-day work performed by the cyber unit, such as security reviews or vulnerability assessments.
Frequently collaborating with a wide range of stakeholders, both technical and non-technical, is expected in this role. While certain level of seniority is essential to succeed in this role, it also offers a great opportunity for someone ready to deepen their expertise and take the next step in their technical career.
As a Security Incident Coordinator, you’ll coordinate security incident response, manage external and internal stakeholders, and ensure day-to-day cybersecurity operations run smoothly. During major incidents, you’ll lead response efforts, assess impact, and guide resolution activities.
Typical Tasks Include
- Creating playbooks and operational handbooks
- Managing major incidents and coordinating cross-functional incident teams
- Writing executive summaries and incident documentation
- Improving cybersecurity processes and practices
- Managing of external and internal stakeholders responsible of the day-to-day cybersecurity operations service delivery
- Acting as a subject matter expert in projects and programs
Strong social and communication skills are essential, you’ll be working closely with diverse teams and partners, often under pressure. You should be confident, collaborative, and able to communicate clearly across all levels.
Working at Finnair:
We offer you an exciting opportunity to work in the fast-changing aviation and international travel industry in a culture that drives and enables professional development and continuous improvement. You will be supported by internally highly rated supervisory work with modern leadership practices that we constantly develop.
We are happy to enable our employees to enrich their lives and fulfill their travel dreams by offering a wide leisure travel benefit. We also support the health and wellbeing of our employees through our own Sickness Fund insurance benefit, Epassi (sport, culture, wellbeing or commuting benefit), gyms around the Finnair campus and activities organized by our hobby clubs.
If you are up for the challenge and excited to work in the world of aviation and travel, submit your application with your CV, cover letter and salary expectation no later than Sunday, 16 November 2025.
Please note that the hiring process includes a pre-employment security clearance and a drug test.
For more information, please don’t hesitate to contact Joonas Forsberg (Cyber Architecture Lead) by email [email protected].
Please note that we do not process applications submitted via email.
Our people are key to our success and the foundation that makes Finnair unique. We are committed to creating a safe work environment where all our people can thrive and succeed. We cherish diversity and strive to employ people with different backgrounds and experiences, to bring together multiple views to foster our business success. According to our employee survey, respecting diversity is at a high level in our work community. You are welcome to join Finnair as your authentic self.
Key Skills
Ranked by relevanceReady to apply?
Join Finnair and take your career to the next level!
Application takes less than 5 minutes