Cyber Security Specialist

Cyber Security Specialist - Risk and Incident 

Are you excited about ensuring the security of critical IT/OT systems? Do you thrive in a dynamic environment with a background in IT, OT, and risk management? If so, we have an exciting opportunity for you to join our team as a Cyber Security Specialist focusing on Risk and Incident management.

Join our Cyber Security team in Hydro Aluminum Metal, where you will learn, grow, and make a significant impact on the security and resilience of our critical systems. We offer a welcoming work environment that promotes professional development and growth.  

Why Us?  

At Hydro, we are committed to safeguarding our critical systems and making a significant impact on the security and resilience of our organization. As a Cyber Security Specialist, you will play an important part in coordinating between the ICS SOC and local IT/OT teams, facilitate and run cyber risk workshops at our plant sites or digitally. Your expertise will contribute to the development and implementation of security policies, controls, and procedures to protect our ICS/OT systems from evolving threats.  

Your role:  

• Incident coordination: You will be the coordination lead between the ICS SOC and local IT teams, promoting effective communication and collaboration during incidents. You will provide guidance and support to local IT/OT teams during incidents, ensuring a seamless response and reporting back to relevant stakeholders.  
• Incident investigation: Coordinate post-incident forensics work to ensure a thorough analysis and understanding of incidents, allowing us to learn and grow from each experience.  
• Detection and response: Develop use cases and scenarios for the ICS SOC based on our IT and OT system portfolio, improving incident detection and response capabilities. Extend the log collection and deploy networks sensors for industrial control systems as part of the security monitoring to detect and proactively respond to potential threats.   
• Test preparedness: Plan and execute incident exercises with relevant parties to test and enhance our incident response preparedness.  
• Continuous improvement: Update and develop the incident response process, incorporating lessons learned and industry best practices. In general stay up to date on new technologies in cybersecurity relevant to Hydro. 
• Risk management: Facilitate cyber security risk assessments of production systems (IT/OT) and 3rd party risk (suppliers) within the production, collaborating on strategies to mitigate identified risks and ensure the operations of our critical IT/OT systems.  

Desirable personal characteristics:  

• Effective communicator: Good interpersonal skills to foster collaboration and understanding among diverse teams.  
• Adaptable and motivated: Thrive in a diverse and fast-paced environment, proactively solving problems and paying keen attention to detail.  
• Team player: Collaborate with stakeholders at all levels of the organization to achieve shared goals.  
• Willingness to learn: Stay updated on the latest trends and developments in IT/OT through own learning, conferences, and courses. Stay up to date on IT/OT operations at all our plants to provide efficient incident handling.  
• Dedicated: Committed to achieve results, prioritize tasks, and meet deadlines  
• Ethical and professional: Maintain confidentiality and integrity when handling sensitive information.  
• Travel: Willingness to travel to our smelters in Norway and recyclers in 

Preferred Background/Education:  

• Engineer with experience in incident handling and analysis in an industrial context.  
• A Cyber Risk management background is also preferable.  
• B.Sc. in computer science, cyber security, IT, cybernetics, or related fields. Europe and US. 

Additional information   

Submit your resume and a brief cover letter outlining your relevant experience and achievements. Please enclose all relevant transcripts with your application (academic records/diplomas, certificates etc.). Only applications received through our online system will be considered, not via email. As part of our recruitment process, we use Semac for background check.   

Application date: 20.05.24

If you have any questions, feel free to contact:   

Hiring manager: Jabber Abbas, (Norway +47) 476 41 473

Recruiter: Magnus Hallerud Christensen, (Norway +47) 47849693