The main activities of the Business Area Market Operations & IT (M) are energy management for Statkraft’s assets, trading & origination and market access services in Europe, South America and India. In addition the business area contains local business support, finance & risk support, and IT services. In M there are 650 employees.
The Network and Security Engineering team is responsible for Network and Security architecture and Computer Security Incident Response Team (CSIRT) globally.
The mission of CSIRT is to avoid or minimize business impact from attempted or conducted cyber-attacks against Statkraft's digital values. CSIRT acts as a central hub of contact, correlation and coordination of security events based on current threat situation, business risk appetite and regulatory requirements. We are looking for a new member for our CSIRT who will be responsible for monitoring, threat hunting, analysis and responding to events generated from various systems and vendors.
As CSIRT Security Analyst at Statkraft you will play an important role in which your contribution helps protect critical infrastructure globally. You will get the opportunity to influence both your own working day and Statkraft’s further development within cyber security. In our team you will both use and develop your ninja skills to fight cyber threats.
- Contribute to correct level and content of security monitoring & logging
- Monitoring, assessment and response to received announcements, warnings, alerts and requests
- Provide adequate analysis of security events in cooperation with internal staff, vendors and relevant partners such as KraftCERT and NorCERT
- Respond to security incidents, vulnerabilities and targeted threats according to business risk perspective
- Follow up registered security incidents and ensure sufficient measures are implemented
- Perform proactive and reactive threat hunting in network and endpoints
- Contribute to implementation of relevant processes and tools to increase quality and efficiency for detecting and responding to cyber security events.
- Maintaining awareness regarding current and developing threats
- You have a burning interest in cyber security and would love to work with threat hunting
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic and a solution-oriented approach.
- In-depth understanding of IP protocols and operating systems
- Experience working as part of a SOC or Incident Response Team
- Experience with triage of events, alarms and vulnerabilities, as well as incident handling until completion.
- Experience with analysis and tools for collecting and analyzing network traffic and logs (SIEM, IDS, Splunk, etc.).
- Familiarity with cyber security frameworks (such as Cyber Kill Chain, MITRE ATT&CK)
- Scripting skills in at least one of the following is required: Python, PowerShell, Perl, Go or Bash.
- Must be able to effectively communicate technical information to both technical and non-technical personnel
- Fluent in Norwegian and English, both spoken and written.
It would be awesome if you already have a CISSP, CEH, GSEC, GCIA, GCIH or other similar security certifications.
- Professional and personal development in an exciting company
- A positive working environment characterised by competence, responsibility and innovation
- A diverse workplace with regard to gender, age and cultural background
- Competitive terms of employment and excellent benefit schemes
The position is located in Oslo.