IT and process Control Security Architect
Oslo, Norway
Applications have closed
Statkraft
Statkraft is Europe’s largest generator of renewable energy. We produce hydropower, wind power and solar power and are a global company in energy market operations.Company Description
Statkraft has been making clean energy possible for over a century. That is what we offer. 125 years of unrivaled expertise in supplying the world with what it needs most. We envision a world that runs entirely on renewable energy. Because in the fight against climate change, we do not see renewable energy as part of the solution – we believe it must be the solution. With us, you will shape a career that is truly forward-facing with many amazing opportunities and offerings to match.
But there is more work to be done – that is why we need you to join!
Job Description
Statkraft Cyber Security Architecture Department (ITSA) is looking for a new colleague to strengthen the IT Security Architecture team. Statkraft Cyber Security Department consists of GRC, Cyber Security Architecture and CSIRT department working hand in hand protecting Statkraft’s assets from cyber threats and enabling the business providing robust and secure IT security services. The Cyber Security Department is part of the Statkraft IT Department, which consist of over 200 highly engaged employees. Statkraft IT is the Statkraft Group’s IT service provider and Digitalization Centre of Expertise, delivering a full set of services from business development, change management, projects, application development to operational services.
Our Cyber Security department is contributing to protect all business areas in Statkraft. We use our expertise within security frameworks, standards and best practices, as well as our technical in-depth knowledge to understand and support different initiatives and day to day operations. We collaborate with other security domain areas in Statkraft as well as external partners to keep each other informed and protected, and to further our profession and skillset. Our department consists of specialists passionate about their field and thriving in the dynamic and complex environment – and this is what we are looking for in our new colleague!
The IT Security Architect role in Statkraft relies on good communication skills, influencing the positive and mature IT security posture throughout the organization and using the security mandate to protect and improve the IT security services and IT architecture.
You will report to Head of Cyber Security Architecture and be part of the Cyber Security Architecture Department.
Your role:
- Assess and design secure and compliant solutions with our customers, bringing the security requirements and best practice early into the design process and monitor their implementation
- Build relationships and collaborate with stakeholders, system owners, IT specialists and process control specialists to ensure all visions are aligned
- Implement administrative and technical security controls throughout the global IT and process control environment
- Evaluate IT and process control infrastructure changes and requests that impact security
- Provide practical security requirements to projects and activities that helps both the end user and the organization to balance security - based on established security policies and standards
- Assist with internal and external security audits and assessments
- Facilitate third party security assessments
- Collaborate with the GRC team assisting with risk assessments and providing risk mitigations and subject matter expertise
- Collaborate with the CSIRT team to ensure that the findings are addressed through robust processes, IT and process control security architecture
- Contribute to the continuous improvement of the security policies and processes, using your experience, observation and communication skills as well as ongoing research in the cybersecurity field
Qualifications
- You are passionate about cybersecurity and have knowledge about threats to critical infrastructure.
- You have technical background, preferably both operational technology/process control and IT security, and you have 3-5 years of work experience within the operational technology field
- You have good practical knowledge within an Operational Technology/Process Control environment, including HSS, System of systems, communications, Safety systems and dependencies.
- You have good knowledge within the main areas of both IT security and process control security including LAN/WAN networks and communication security, software development security, client/server security, identity and access management and security operations.
- Work experience with IT and Process Control security frameworks and standards such as IEC62443, IEC62351, ISO 27019, ISO 27001, NIST CSF, CIS Controls.
- Work experience with risk assessments and risk management process is an advantage
- Work experience with security- and penetration testing is an advantage
- You are ethical, professional, structured, proactive and ambitious
- You are fluent in English and Norwegian, both oral and writing
Statkraft manages critical infrastructure and services in several countries. We conduct background checks on qualified applicants before hire and in this role you must qualify for Norwegian and Swedish security clearance and authorization.
Necessary background check according to Norwegian and Swedish regulatory requirements is needed for this position.
Additional Information
Statkraft offers:
- Professional and personal development in Europe’s leading company within renewable energy
- A positive and including work environment characterised by competence, responsibility and innovation
- The chance to grow your career alongside a truly global network of experts, leaders, specialists and graduates from different countries and backgrounds
- A diverse workplace with respect to gender, age and cultural background
- Competitive terms of employment and excellent benefit scheme
Statkraft manages critical infrastructure and services in several countries. The applicant must be eligible for security clearance and authorization.
Application deadline: 16th of April 2023.
Contact: For more information about the position, please contact: Ronny Nilsen, Head of Security Architecture, ronny.nilsen@statkraft.com.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Clearance CSIRT IAM ISO 27001 NIST Pentesting Risk assessment Risk management Security assessment Security Clearance
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs