At Fiskars Group we are unified and driven by our common purpose: pioneering design to make the everyday extraordinary. Join our team and seize the extraordinary opportunity to influence the everyday!
We are looking for an experienced security professional to join our Cyber security & Data privacy -team as a Cyber Security Architect. The position reports to Senior Cyber Risk Manager and is part of Chief Information Security Officer (CISO) the team within Digital & IT organization.
The Cyber Security Architect is responsible for designing, evaluating, implementing and managing security architectures to support business objectives while maintaining risks and enabling secure enterprise systems and processes within our Digital & IT landscape. The role focuses on aligning security strategies with Fiskars goals, strategy and Digital and IT plans, addressing both technical and business requirements. Cyber Security Architect ensure security posture evolves with emerging risks and opportunities.
Cyber security architect needs to review and understand our current overall security posture, security measures and weaknesses, and to design target-state and roadmap together with Enterprise Architecture and different IT teams. The objective is holistic technical security architecture to ensure Fiskars Group business continuity considering people, processes and technology related to securing data, identities, cloud platforms, application/software development, on-premises infrastructure, networks and endpoint devices. Cyber Security Architect will also participate development programs and projects including sourcing and procurement of services.

Your main responsibilities

• Business-Driven Security Architecture
• Define and maintain Security Principles aligned with Enterprise Architecture of Fiskars Group.
• Collaborate with stakeholders to identify and document security requirements aligned with business needs.
• Develop a comprehensive security architecture roadmap that addresses business goals, risk priorities, and technical environments.
• Ensure security designs support critical business initiatives and are traceable to business outcomes.
• Security Architecture Development
• Design security architectures across all lifecycle phases, from strategy and planning to implementation and ongoing management.
• Develop architectures that address key security perspectives (e.g., assets, risk, processes, people, locations, and time).
• Risk and Threat Management
• Identify, analyze, and prioritize risks and opportunities affecting enterprise security.
• Design appropriate controls and mitigation strategies to address emerging threats and vulnerabilities while enabling business agility.
• Policy and Standards Alignment
• Develop and enforce security policies, standards, and guidelines aligned with Fiskars, regulatory, and industry requirements (e.g. NIST CSF 2.0, or relevant frameworks).
• Support integration of security into enterprise and solution architectures.
• Solution Design and Implementation
• Provide end-to-end security design for enterprise solutions, ensuring secure integration into IT and operational ecosystems.
• Collaborate with IT, development, and operations teams to embed security into system designs and software development lifecycles (SDLC).
• Governance and Performance Management
• Develop and maintain a security governance framework to ensure accountability and continuous improvement.
• Define and monitor security metrics and key performance indicators (KPIs) to measure effectiveness and alignment with business goals.
• Ongoing Security Lifecycle Management
• Manage the full lifecycle of security services and controls, ensuring continuous monitoring, improvement, and adaptation to changing business and risk environments.
• Support security incident response, recovery, and lessons-learned activities.
• Collaboration and Leadership
• Act as a trusted advisor to business and IT leadership on security architecture topics.
• Lead and mentor cross-functional teams to promote secure design principles and best practices.Lend insights to security best practices, security architectures, technologies, and procedures
• Maintain and enforce a balanced IT / technical security level as documented in the Information Security Management System (ISMS).
• Maintain IT security control framework together with other roles in Cyber security & Data privacy -team
• Interface with the Fiskars Group outsourcing partners and support them in delivering secure services to Fiskars Group as agreed in the contracts.

Experience & knowledge:

• Education
• Bachelor Degree in Computer Science (or similar),
• Experience
• 8+ years’ experience in the cybersecurity architecture or related domain within challenging global environment.
• Strong working knowledge of IT and cyber security technologies and risks
• Broad experience within IT, and you understand how IT and business processes are linked and deep knowledge from project or process management
• Strong mixture of experience in areas of security including cloud technologies, software development, compute, network, endpoints, identity and access management
• Experience with Azure or other cloud platforms and their security tools
• Good knowledge of tools, technologies and trends in the market; you like to stay up to date on industry best-practices, trends and technologies
• Good knowledge of security frameworks, governance, and compliance requirements (e.g., EU/GDPR, ISO 27001, NIST CSF, CIS, ITIL).
• Skills:
• Strong understanding of security architecture principles, enterprise systems, and security controls.
• Proficiency in risk management, governance, threat modeling, vulnerability management, and security assessment methodologies.
• Excellent analytical, problem-solving, and communication skills.
• Ability to translate complex security concepts into actionable business terms.
• Certifications
• Relevant certifications like CISSP, CCSP or SBASA(SCF), ToGAF 10
• Fluent written and spoken English – English is the working language

Experience of managing other security, data or risk regulatory frameworks with a strong security focus (e.g. PCI DSS) would be a plus but not required.
To succeed in the role, you benefit from the ability to build collaborative relationships with different stakeholders. You are confident advising our lines of business. You understand the bigger picture, how things are connected and can bring value to different units and accelerate change.
This position offers you a great opportunity to use your skills and further develop yourself as a cyber security professional. We have a team of professionals with strong ambition to improve security posture and maturity.
Last day of application:
2025-02-03

At Fiskars, we value providing benefits that matter to you and cater to our diverse global workforce, no matter where you are in the world. While benefits may vary based on location, here are some of the incredible offerings you can expect when joining our team:
Competitive Compensation: We ensure that our employees are fairly compensated based on industry standards and local market factors.
Health and Wellness: Your well-being matters to us, no matter where you are. We offer various health and well-being focused programs and coverage, adapted to the requirements of each region.
Work-Life Balance: We understand the need for balance in your life. Our paid time off plans and flexible work arrangements and policies are designed to accommodate local customs and personal commitments, enabling you to thrive in both your professional and personal life.
Professional Development: We believe in nurturing talent and supporting professional growth. Through training programs, skill development initiatives and learning resources, we empower our employees to reach their full potential.
Inclusive and Diverse Environment: We value diversity and promote inclusivity. Join a workplace where your unique background and perspectives are celebrated, fostering collaboration and respect across all our markets.
Recognition and Rewards: We believe in celebrating and recognizing the contributions of our employees worldwide. Our recognition programs are designed to acknowledge exceptional performance and achievements, ensuring that your efforts are celebrated and valued.
Vested Interest: Through our Employee Share Purchase Plan (ESPP), you have the opportunity to invest in Fiskars Group and become a proud co-owner, sharing in the success and growth of the company.
Employee Discounts: We want to ensure our team members make each day the extraordinary with use of our products and offer product discounts across our brands.
Please note that specific benefits may vary based on local regulations, market conditions, and other factors. We are committed to providing competitive and meaningful benefits to our employees in every market we operate.

Fiskars Group (FSKRS, Nasdaq Helsinki) is the global home of design-driven brands for indoor and outdoor living. Our brands include Fiskars, Georg Jensen, Gerber, Iittala, Moomin Arabia, Royal Copenhagen, Waterford, and Wedgwood. Our brands are present in more than 100 countries, and we have close to 450 own stores. We have approximately 7,000 employees and our global net sales in 2023 were EUR 1.1 billion.
We are driven by our common purpose: Pioneering design to make the everyday extraordinary. In 2024, we are celebrating our 375th anniversary. Since 1649, we have designed products of timeless, purposeful, and functional beauty, while driving innovation and sustainable growth.
Read more:
fiskarsgroup.com

• Business-Driven Security Architecture
• Define and maintain Security Principles aligned with Enterprise Architecture of Fiskars Group.
• Collaborate with stakeholders to identify and document security requirements aligned with business needs.
• Develop a comprehensive security architecture roadmap that addresses business goals, risk priorities, and technical environments.
• Ensure security designs support critical business initiatives and are traceable to business outcomes.
• Security Architecture Development
• Design security architectures across all lifecycle phases, from strategy and planning to implementation and ongoing management.
• Develop architectures that address key security perspectives (e.g., assets, risk, processes, people, locations, and time).
• Risk and Threat Management
• Identify, analyze, and prioritize risks and opportunities affecting enterprise security.
• Design appropriate controls and mitigation strategies to address emerging threats and vulnerabilities while enabling business agility.
• Policy and Standards Alignment
• Develop and enforce security policies, standards, and guidelines aligned with Fiskars, regulatory, and industry requirements (e.g. NIST CSF 2.0, or relevant frameworks).
• Support integration of security into enterprise and solution architectures.
• Solution Design and Implementation
• Provide end-to-end security design for enterprise solutions, ensuring secure integration into IT and operational ecosystems.
• Collaborate with IT, development, and operations teams to embed security into system designs and software development lifecycles (SDLC).
• Governance and Performance Management
• Develop and maintain a security governance framework to ensure accountability and continuous improvement.
• Define and monitor security metrics and key performance indicators (KPIs) to measure effectiveness and alignment with business goals.
• Ongoing Security Lifecycle Management
• Manage the full lifecycle of security services and controls, ensuring continuous monitoring, improvement, and adaptation to changing business and risk environments.
• Support security incident response, recovery, and lessons-learned activities.
• Collaboration and Leadership
• Act as a trusted advisor to business and IT leadership on security architecture topics.
• Lead and mentor cross-functional teams to promote secure design principles and best practices.Lend insights to security best practices, security architectures, technologies, and procedures
• Maintain and enforce a balanced IT / technical security level as documented in the Information Security Management System (ISMS).
• Maintain IT security control framework together with other roles in Cyber security & Data privacy -team
• Interface with the Fiskars Group outsourcing partners and support them in delivering secure services to Fiskars Group as agreed in the contracts