Lead Security Engineer

Lead Cyber and Security Engineer

Role overview

This role is responsible for the overall cybersecurity capability of an international technology driven organisation operating in safety critical environments. The position combines strategic ownership with operational leadership and requires close cooperation with business IT and external partners.

The Lead Cyber and Security ensures that cybersecurity supports business continuity regulatory compliance and controlled digital development across global operations.

The role is based in Vantaa with hybrid working arrangements. Occasional travel in Finland and abroad is expected.

Key responsibilities

Cybersecurity strategy and governance

• Define and maintain an enterprise cybersecurity strategy aligned with business objectives
• Own and develop the cybersecurity roadmap including architecture principles and operating models
• Establish and maintain cybersecurity policies standards and procedures
• Ensure security is embedded into business processes systems and development activities

Security operations and risk management

• Lead security operations including monitoring detection and incident response processes
• Oversee vulnerability management risk assessments and remediation planning
• Coordinate incident response activities and post incident reviews
• Ensure disaster recovery and business continuity requirements are met

Technology and partner management

• Specify select and govern cybersecurity tools and platforms
• Oversee SOC related capabilities SIEM endpoint security identity and network security solutions
• Manage service providers and technology partners related to cybersecurity
• Ensure effective use of security tooling and clear operational ownership

Identity and access security

• Govern identity and access management including AD Entra ID SSO MFA and privileged access
• Ensure access controls follow least privilege and regulatory requirements
• Support secure integration of internal and external users and services

Compliance and awareness

• Support compliance with relevant regulatory and industry requirements such as GDPR and ISO 27001
• Contribute to audits assessments and compliance documentation
• Develop and deliver cybersecurity awareness and training for employees contractors and partners

Leadership and budgeting

• Own operational and development budgets related to cybersecurity
• Provide clear reporting on security posture risks and improvements
• Act as a subject matter expert and advisor to internal stakeholders

Required background and experience:

• Proven experience in a senior level cyber or information security role within an enterprise environment
• Strong understanding of cybersecurity frameworks principles and best practices
• Hands on experience with security operations including SOC models SIEM endpoint protection firewalls VPN and IDS or IPS
• Solid experience with identity and access management technologies including Active Directory Entra ID and single sign on
• Familiarity with regulatory and compliance requirements such as GDPR ISO 27001 and similar standards
• Ability to assess risk communicate impact and propose pragmatic remediation
• Experience working with external vendors and service providers
• Fluent English written and spoken (Finnish highly desirable)

Education

• Master’s degree in computer science information technology or a related field is preferred
• Equivalent professional experience will also be considered

Considered an advantage

• Experience operating in international or regulated environments
• Clear and structured communication style with both technical and non technical stakeholders
• Experience presenting security topics to management
• Finnish language skills

What is offered

• A key role with ownership of enterprise cybersecurity
• Stable and long term employment in an international operating environment
• Competitive compensation and benefits
• Flexible working model including partial remote work
• Professional development and continuous learning support
• A collaborative and pragmatic working culture