CSIRT Process Manager

Company Description

Statkraft has been making clean energy possible for over a century. That is what we offer. 125 years of unrivalled expertise in supplying the world with what it needs most. We envision a world that runs entirely on renewable energy. Because in the fight against climate change, we do not see renewable energy as part of the solution – we believe it must be the solution. With us, you will shape a career that is truly forward-facing with many amazing opportunities and offerings to match.

But there is more work to be done – that is why we need you to join!

Job Description

The Statkraft CSIRT team is part of the Cyber Security Department within Statkraft. Our mission is to avoid or minimize business impact from attempted or conducted cyber-attacks against Statkraft’s assets, which also includes national critical infrastructure. We act as a central hub of contact, correlation, and coordination of security events based on the current threat situation, business risk appetite, and regulatory requirements. We are now looking for a new team member who will focus on security process management, including document management, supplier management, and development of security services and products. 

Your role

As the CSIRT Process Manager, you will play an important role in which your contribution helps protect critical infrastructure in several countries. You will get the opportunity to influence both your own working day and Statkraft’s further development within cyber security. In our team, you will work with cutting-edge cyber security systems while sharpening and developing your own professional and personal abilities.

Your main responsibilities will include:

• Implement new, maintain, and continuously improve all documents and agreements related to CSIRT, such as process descriptions, policies, operating procedures, playbooks, contact database, etc.
• Further enhance deliverables, quality, and collaboration with both internal and external stakeholders, suppliers, and partner organizations.
• Contribute to further development of current and new security products and services delivered by CSIRT.
• Support Head of CSIRT and team-leads on analysis of CSIRT performance and identify and implement methods of improvement.
• Evaluate security tools and systems, and implement new use cases, workflows, playbooks, reports, dashboards on security and vulnerability platforms, and ensure adherence. 
• Coordinate CSIRT related projects and improvement activities across IT.

Qualifications

To be successful in your role, we believe you have:

• A minimum of 2 years of experience from establishing or leading a CSIRT/CERT/SOC function, or similar full-time experience as an advisor. 
• Commercial acumen with solid understanding of governance structures and functions within the cyber domain. 
• Familiar and comfortable with writing and revising formal documents. 
• Highly structured and independent mindset, with the ability to handle a large volume of simultaneous tasks.
• Solid interpersonal skills and comfortable with working in a dynamic environment.
• Project management skills.
• Excellent communication skills, with the ability to explain complex technical issues on a management level.
• Fluency in Norwegian and English is required.

These skills and experiences would also be beneficial:

• Previous experience with one or more of the following: supplier management, GRC, process and quality management.
• Experience with cyber security frameworks such as NIST CSF, Cyber Kill Chain, MITRE ATT&CK, etc.
• Ability to demonstrate analytical expertise, with close attention to detail, critical thinking, and a solution-oriented approach.
• Bachelor's degree in Information Security, Computer Science, Engineering, Technology, Business, or similar.
• Passion for cyber security.

Additional Information

What We Offer

• Unlimited learning opportunities at various levels of the organization.
• The chance to grow your career alongside a truly global network of experts, leaders, specialists, and graduates from different countries and backgrounds.
• The opportunity to work somewhere with pride and be able to honestly say “My work is contributing to saving the planet”.
• A work culture that puts emphasis on the individual, offering flexible working solutions, and work-life balance principles.
• Statkraft offers competitive terms of employment and benefits schemes, and we’re a trusted employer that puts the safety of our people first. We believe that a safe and healthy working environment is a matter of choice, not chance.

Statkraft manages critical infrastructure and services in several countries. The applicant must be eligible for Norwegian security clearance and authorization.

Statkraft's vision is to renew the way the world is powered. To navigate the complex journey ahead, we need every voice at the table. We therefore work actively to be a diverse and inclusive workplace and welcome all applicants regardless of background, gender, age, sexual orientation, religious belief, ethnicity, nationality, or disability.

Application deadline: 31st of January 2025. Applications will be evaluated after the deadline. 

Location: The position will require physical presence at the main office in Lilleaker, Oslo, Norway. 

Contact: For questions about the process, please contact Celina Nybråten, Talent Acquisition Advisor, on email: celina.nybraten@statkraft.com.