The main activities of the Business Area Market & IT (MI) are energy management for Statkraft’s assets, trading & origination and market access services in Europe, South America and India. In addition, the business area contains local business support, finance & risk support, and IT services. In MI there are more than 700 employees. Statkraft IT Security & Compliance is today organized under MIIN (Market, IT, Network & IT Security). During 2019 and ahead Statkraft will strengthen IT Security & Compliance capabilities and capacities why we are looking for a new team member.
The Network and Security team in Statkraft is responsible for Network and IT Security Architecture including our Computer Security Incident Response Team (CSIRT) globally. Our team is involved with all the different business areas in Statkraft making our daily work very interesting and we get to know Statkraft in depth. We are looking for a new Security Analyst (CSIRT member) which can also assist our Security Architecht team to strengthen our IT Security in a more challenging world.
The mission of CSIRT is to avoid or minimize business impact for attempted or conducted cyber-attacks against Statkraft's digital values. CSIRT acts as a central hub of contact, correlation and coordination of security events based on current threat situation, business risk appetite and regulatory requirements. We are looking for a new member to our CSIRT who will be responsible for monitoring, threat hunting, analysis and responding to events generated from various systems and vendors.
As Security Analyst at Statkraft you will play an important role in which your contribution help protect critical infrastructure globally. You will get the opportunity to influence both your own working day and Statkraft’s further development within cyber security. In our team you will both use and develop your ninja skills to fight cyber threats.
- Contribute to correct level and content of security monitoring & logging
- Monitoring, assessment and response on received warnings, alerts and requests
- Provide adequate analysis of security events in cooperation with internal staff, vendors and relevant partners such as KraftCERT and NorCERT
- Respond to security incidents, vulnerabilities and targeted threats according to business risk perspective
- Follow up vulnerabilities and security incidents and ensure sufficient measures are implemented
- Perform proactive and reactive threat hunting in network and endpoints
- Contribute to implementation of relevant policies, processes and tools for compliance to regulatory frameworks and to increase quality and efficiency for detecting and responding to cyber security events.
- Maintaining awareness regarding current and developing threats
- Participate in penetration testing and security audits
- Security evaluations and risk assessment of ongoing and new solutions and services in cooperation with our Security Architects.
- Participate in the Implementation of NIST-SANS/CIS20-ISO27001
- Risk Assessment, i.e. BowTie og similar MoR model
- You have a burning interest in cyber security and would love to work with threat hunting with minimum 5 – 10 years within IT Security
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic and solution orientated.
- In-depth understanding of IP protocols and operative systems
- Experience working as part of a SOC, Incident Response Team or Red/Blue team
- Experience with triage of events, alarms and vulnerabilities, as well as incident handling until completion.
- Experience with analysis and tools for collecting and analysing network traffic and logs (SIEM, IDS, Splunk, EDR systems)
- Experience with penetration testing and IT system audits is an advantage
- Familiarity with NIST-SANS-CIS controls, 3-lines of Defence methodology, ISO and ITIL 4.0
- Familiarity with cyber security frameworks (such as Cyber Kill Chain, MITRE ATT&CK)
- Familiarity with risk assessments, i.e. BowTie og similar MoR model
- Scripting skills in at least one of the following is required: Python, PowerShell, Perl, Go or Bash.
- Must be able to effectively communicate technical information to both technical and non-technical personnel
- Fluent expression in Norwegian and English, both in oral and writing.
- Experience with NIST-SANS-CIS is an advantage
- Experience with ISO and ITIL 4.0 is an advantage
- It would be awesome if you already have a CISSP, CEH, GSEC, GCIA, GCIH or other similar security certifications
- Professional and personal development in an exciting company
- A positive working environment characterized by expertise, responsibility and innovation
- A diverse workplace with regard to gender, age and cultural background
- Competitive terms of employment and excellent benefit schemes
Some travelling must be expected.
Statkraft manages critical infrastructure and services in several countries. We conduct background checks on qualified applicants before hire