Senior Manager, Cyber Defence Centre
Székesfehérvár, HU
Norsk Hydro
Hydro is a leading aluminium and renewable energy company that builds businesses and partnerships for a more sustainable future. We have 33,000 employees in more than 140 locations and 40 countries.Hydro Global Business Services (GBS) is an organizational area that operates as an internal service provider for the Hydro group. Its ultimate purpose is to deliver relevant IT, financial and HR business services to all business areas within the company.
Role Purpose
The Senior Manager of Cyber Defence Center is the strategic leader of the SOC services both for Enterprise IT and for ICS, as well as the Security Engineering function within GBS. He/She is the direct manager of the SOC Manager, and the Security Engineering Manager.
Responsibilities
- Strategic leadership of the SOC and Security Engineering functions within GBS IT
- Develop, set and maintain strategy for the Cyber Defence Center (SOC and Security Engineering) organization, services and technology
- Work closely, own continuous improvement strategic activities in Cyber Security Services related to the Cyber Defence Center, including automation (SOAR), vulnerability management improvement, threat management improvement, log managemen improvement, etc.
- Continuously optimize the platform, tool portfolio for security operations management, lead the program on centralizing processes to Splunk, and other strategic tools
- Lead program on optimizing team setup, oncall coverage, internal-external resource balance in CDC
- Relationship management with all stakeholders of the CDC services (e.g. GRIT management, other cyber security team management, GBS IT management)
- Operation, reporting
- Overall responsibility of the operation of EIT and ICS SOC, Security Engineering teams, and their KPI-s
- Responsible for the senior management reporting on the relevant cyber security area (in collaboration with the reporting team)
- Vendor management
- Manages relationship with the vendors serving CDC in GBS
- Sets KPI, SLA, requirements towards vendors and continuously optimizes the setup for his/her functions
- Escalation point
- Higher level escalation point on all EIT and ICS SOC and Security Engineering related processes, performance, operation
- Project Management
- Overall ownership responsibility on all CDC related projects
- Business Relationship Management
- Continuous business relationship management with BA and GRIT owners, customers of CDC services
- Commercial, marketing mindset driven communication to the customers and/or potential customers of the CSC services
- Organization, Team, People
- Overall ownership responsibility on the right staffing of the EIT and ICS SOC and Security Engineerting teams in capacity and skillset
- Direct manager of the SOC Manager and Security Engineering Manager
Qualifications
In depth knowledge on:
- Methods and motivations adopted by hackers to attack IT platforms and automated information systems
- IT security incident management processes and tools
- IT operations and support organizations
- IT security risk assessment
- IT security forensic techniques, tools and procedures
- Vulerability management end-to-end
- Threat management end-to-end
- Log management end-to-end
- Mitre killchain for EIT and ICS
- ICS-OT Security Management
- Cloud and application security
The following experience is considered essential experience:
- In-depth experience in security management processes and tools
- 10+ years of technology experience, including troubleshooting and performing root cause analysis of complex IT solutions
- 5+ years of demonstrated leadership experience building consensus across IT domains
- 5+ years of demonstrated experience managing a high-performing, cohesive security teams
- Significant experience in working in the manufacturing industry
- Experience in working with the Forum of Incident Response and Security Teams (FIRST) or an equivalent organization
- Experience in working with law enforcement or other relevant government agencies
- 5+ years of hands-on IT or information security assessment in a commercial environment subject to the caveat below
- 5+ years of demonstrated experience in liaising with middle and senior management of a large commercial enterprise
- Bachelor's or master's degree in IT, engineering, business, management or a related field, or equivalent work experience
- Tertiary qualifications in information or IT security, or industry qualifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or the equivalent
- Strong communication skills with a proven ability to understand key concepts and communicate with technical staff, lines of business and senior management
- Proven ability to build relationships and influence individuals at all levels in a matrixed environment to ensure that segregation and overlapping roles are identified and coordinated
- Strong organizational skills and the ability to perform in a command-and-control role under pressure, and the ability to manage multiple priorities with competing demands for resources
- Ability to consume and synthesize intelligence about actors, techniques or situations to identify emerging risk scenarios
- Strong analytical and problem-solving skills
- Proficiency in process formulation and improvement
- Proficient in working in a fast-paced, complex, dynamic, multicultural business environment
- Knowledge of legal requirements for privacy of personal information from employees and customers
Hydro offers
- Working at the world’s only fully integrated aluminum and leading renewable energy company
- Diverse, global teams
- Flexible work environment/home office
- We provide you the freedom to be creative and to learn from experts
- Possibility to grow with the company, gain new certificates
- Attractive benefit package
Applications from severely disabled and equally disabled people will be considered with equal suitability.
Please apply online in ONE with your CV and optionally a cover letter until: 04/26/2024
If you have any questions, please contact:
Petra Rumpler
Petra.Rumpler@hydro.com
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation CISM CISSP Cloud ICS Incident response Privacy Risk assessment Security assessment SOAR SOC Splunk Strategy Vendor management Vulnerability management
Perks/benefits: Flex hours Home office stipend Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs