The main activities of the Business Area Market & IT (MI) are energy management for Statkraft’s assets, trading & origination and market access services in Europe, South America and India. In addition, the business area contains local business support, finance & risk support, and IT services. In MI there are more than 700 employees. Statkraft IT Security & Compliance is today organized under MIIN (Market, IT, Network & IT Security). During 2019 and ahead Statkraft will strengthen IT Security & Compliance capabilities and capacities why we are looking for a new team member.
The Network and Security team in Statkraft is responsible for Network and IT Security Architecture including our Computer Security Incident Response Team (CSIRT) globally. Our team is involved with all the different business areas in Statkraft making our daily work very interesting and we get to know Statkraft in depth. We are looking for a new Security Architecht that can strengthen our IT Security in a more challenging world. The Security Architect will work with various areas of the business to help design secure solutions and build standards for how those solutions should be implemented and maintained in the future. In addition, the Security Architect will be an important player discussing architecture and new services delivered from our sourcing partner.
- Research, evaluate and drive innovative security technologies and concepts to keep security ahead of the curve
- Build relationships and collaborate with stakeholders, system owners and IT specialists to ensure all visions are aligned
- Develop security reference architecture, to-be states, standard architectures and models
- Develop security policies for new, strategic and disruptive technologies
- Provide security requirements to projects based on established policies and standards
- Plan, research and design robust security architectures for any IT project
- Evaluate and approve IT infrastructure changes that impact security
- Participate in architectural reviews and approve/reject solution proposals to ensure a high security level in IT environments
- Evaluate emerging cyber security threats and ways to manage them
- Keep up to date with the latest security and technology developments
- Assist with internal and external audits relating to IT security & information security
- Assist plan for disaster recovery in the event of any security breaches
- Responsible for IT Security assessments
- Close cooperation with the operational CSIRT team and our Sourcing partner
- Interfaces to application engineering/development teams, infrastructure and platform teams, and to domain architects across the whole of IT
- Plan for and assist for implementation of CIS controls
- Provide input and assist in implementation of regulatory frameworks like NIS, GDPR, SANS, NIST, ISO2700x etc.
- Gap analysis related to implementation of security architecture and requirements
- Solve tasked from Lead Architecht through the virtual domain architect structure
- University degree with at least 5-10 years of experience within the described areas
- Highly graduated with supreme technical experience and a genuine interest within IT security and vulnerabilities
- Good knowledge of IT security framework, such as SANS 20, NIST, ISO 27001
- Updated on the latest security threats and technologies to be able to guide long term design of solutions in terms of security
- Experience from PC Client management, Windows and Linux operating systems, VMWare and cloud solutions
- Experience from global organizations with regards to threat pictures in other parts of the world
- Good understanding of network design and LAN/WAN solutions
- Structured and analytical qualities with good communication, cooperation and advisory skills
- Knowledge of ITIL (preferably) or other IT process frameworks
- Understanding of the necessity of good documentation
- Experience from participation in IT projects would be an advantage
- Self-driven, structured, proactive, ambitious and influencing
- Fluent in Norwegian and English, both oral and writing
- The applicant must be eligible for Norwegian Secret (HEMMELIG) security clearance and authorization.
- Professional and personal development in an exciting company
- A positive working environment characterized by expertise, responsibility and innovation
- A diverse workplace with regard to gender, age and cultural background
- Competitive terms of employment and excellent benefit schemes
Some travelling must be expected.