Do you want to be part of the team that protects Europe's largest producer of renewable energy from cyber threats?
Statkraft Cybersecurity Department (MIS) is looking for a new colleague to strengthen the IT Security Architecture team. Statkraft Cyber Security Department consists of GRC, Security Architecture and CSIRT teams working hand in hand protecting Statkraft’s assets from cyber threats and enabling the business providing robust and secure IT security services. The Cyber Security Department is part of the Statkraft IT Department, which consist of over 200 highly engaged employees. Statkraft IT is the Statkraft Group’s IT service provider and Digitalization Centre of Expertise, delivering a full set of services from business development, change management, projects, application development to operational services.
Our Security Team is contributing to protect all business areas in Statkraft and we use our expertise within security frameworks, standards and best practices, as well as our technical in-depth knowledge to understand and support the projects, initiatives and day to day operations. We collaborate with other security domain areas in Statkraft as well as external partners to keep each other informed and protected, and to further our profession and skillset. Our department consists of specialists passionate about their field and thriving in the dynamic and complex environment – and this is what we are looking for in our new colleague!
The IT Security Architect role in Statkraft relies on good communication skills, influencing the positive and mature IT security posture throughout the organization and using the security mandate to protect and improve the IT security services and IT architecture.
You will report to VP Cyber Security and work closely with the IT Security Architecture Lead.
- Assess and design secure and compliant solutions with our customers, bringing the security requirements and best practice early into the design process and monitor their implementation
- Build relationships and collaborate with stakeholders, system owners and IT specialists to ensure all visions are aligned
- Implement administrative and technical security controls throughout the global IT environment
- Evaluate IT infrastructure changes and requests that impact security
- Provide security requirements to projects and activities based on established security policies and standards
- Assist with internal and external security audits and assessments
- Facilitate third party security assessments
- Collaborate with the GRC team assisting with risk assessments and providing risk mitigations and subject matter expertise
- Collaborate with the CSIRT team to ensure that the findings are addressed through robust processes and IT security architecture
- Contribute to the continuous improvement of the security policies and processes, using your experience, observation and communication skills as well as ongoing research in the cybersecurity field
- You have a university degree in technical subjects, preferably IT security, and you have 3-5 years of work experience within the IT Security field (relevant Master’s degree can compensate for less work experience)
- You have in depth technical knowledge within the main areas of IT security including LAN/WAN networks and communication security, software development security, client/server security, cloud security, identity and access management and security operations.
- Preferably work experience with IT security frameworks and standards such as CIS Controls, NIST CSF and ISO 27001
- Work experience with risk assessments and risk management process is an advantage
- Work experience with security- and penetration testing is an advantage
- You are ethical, professional, structured, proactive and ambitious
- You are passionate about cybersecurity and keep up to date with the latest security and technology developments
- You are fluent in English and Norwegian, both oral and writing
Statkraft manages critical infrastructure and services in several countries. We conduct background checks on qualified applicants before hire and in this role you must qualify for Swedish security clearance and authorization.