Cybersecutiry Architect

Job Description

The Cybersecurity Architect is an IT specialist who will use his/her high expertise to propose, design and implement security systems according to what business and regulation demands. As a member of the global Cybersecurity team, this role is also responsible for providing support to central IT/OT services delivered in all Statkraft locations around the glob.

• Act as a Security Coordinator for the ISMS implementation, maintenance and improvement.
• Support IT and Process Control risk assessment, evaluate information security risks, threats and consequences and take appropriate action.
• Identify and remediate security vulnerabilities in collaboration with group security functions.
• Proactively evaluate new threats and counter potential information security incidents.
• Contribute to the definition of group policies and actively promote information security standards and procedures throughout the IT, Process control and user environments.
• Monitor security developments to ensure the continued efficiency and effectiveness of information security processes and controls.
• Implements security techniques on all or part of an application, process, network or system within area of responsibility.
• Provide information security training and education.
• Attend Global Security Forum meeting.
• Attend Statkraft Security Champions Summit.
• Act as an interface with corporate team to understand and adopt security policies at a country level.
• Implement security policies to ensure confidentiality, integrity and availability of company information and assets, when it’s necessary.
• Collaborate with global CSIRT team (monitor, prevention, detection, investigation, and response).
• Document and train, a country level procedure, to ensure common understanding of a cybersecurity incident response plan.
• Act as a technical lead during the execution of contracted services, ensuring compliance with scope, objectives, budget, and deadlines.

Qualifications

• Three (3) years of proved experience working on cybersecurity architecture.
• Five (5) years of experience designing, implementing and operating network and security technologies preferably in global organizations. 
• Mandatory certification on any of these: CEH, CISSP, ISO27001 or ISO27032.
• Proved experience operating security devices: Firewalls, Proxy, LDAP, IDS/IPS, SIEM, EDR, etc.
• Advanced understanding of TCP/IP networking.
• Strong knowledge on general information security policies and risk management.
• Experience or knowledge on Industrial Control Systems (ICS).
• Knowledge on OWASP, ITIL, NIST and IEC/ISA 62443.
• University degree in Engineering, any specialization.
• Fluent in Spanish and English, both written and spoken.

Additional Information

• Unlimited learning opportunities at various levels of the organisation
• The chance to grow your career alongside a truly global network of experts, leaders, specialists and graduates from different countries and backgrounds.
• The opportunity to work somewhere with pride, and to be able to honestly say “My work is contributing to saving the planet”.
• A work culture that puts emphasis on the individual, offering flexible working solutions, and work life balance principles.