Cybersecurity Engineer

What does the job involve?

Cybersecurity engineer responsible for prevention of damage to, protection of, and restoration of computers, electronic communication systems and services, including information contained therein to ensure its availability, integrity, authentication, confidentiality, and non-repudiation.

This includes identity and access management, security testing, systems hardening, vulnerability management, incident response & detection, application security & cyber threat intelligence.

You are utilizing your knowledge independently to solve highly complex tasks with a short to medium-term tactical impact/risk.

You address key business challenges that align with Equinor's short and long-term strategy via providing specialist support to your team and others.

You independently communicate within the immediate team, across other areas, and towards key stakeholders from partners or external parties.

You regularly navigate conflicting agendas and may lead negotiations with senior stakeholders.

You resolve challenges, deliver improvements and contribute to shaping best practices.

You promote change initiatives, demonstrate flexibility to adopt new highly complex activities/ways of working and advice others.

You follow and comply with safety, ethics, and compliance requirements and align with leadership expectations and company values.

What will my tasks be?

Within this position, your key tasks will be to:

• Lead advanced activities to ensure security controls and measures as appropriately incorporated.
• Manage systems design activities to incorporate advanced security controls and measures.
• Conduct in-depth analysis to detect threats and identify advanced security requirements to inform solution interventions.
• Identify the assets that need protection, assessing the threats to those assets, and determining the vulnerabilities that may be exploited.
• Assess that systems adhere to relevant laws, regulations, and industry standards related to cybersecurity.
• Participate in cross-functional teams to ensure the integration of advanced security measures across the organization.
• Provide analytical support for advanced security policy development and analysis.
• Mentor and provide guidance to junior and mid-level team members.
• Propose structuring and delivery of our cybersecurity strategy
• Learn to use automated code scanning tools and manual techniques to identify potential security issues and coding best practice violations.
• Cybersecurity Awareness Campaigns: Develop and deliver cybersecurity training and awareness programs for employees.
• Cybersecurity Risk and IT Compliance: Conduct cybersecurity risk assessments, compliance activities and audits to identify areas for improvement and implement strategic security initiatives. Ensuring adherence to security policies and standards.
• Identity Access Management Process and Governance: Manage access management processes to ensure compliance with relevant security standards and regulations. Provide guidance and assistance to end-users on security best practices, password management, and incident reporting.

Here's what we expect from you:

At Equinor, there are some overall qualities we regard as essential. We want you to identify with the values that guide our decisions and help us succeed and grow: open, collaborative, courageous and caring. We expect you to make safety your priority and to contribute to our zero-harm culture. And for this specific position, we are also looking for:

• Bachelor’s or Master's degree in relevant field, such as Computer Science, Information Technology or Risk Management. Relevant experience may compensate for requested education level.
• Minimum of 3 years experience with assessing risk and/or cyber security posture.
• Professional interest and experience within the area of risk management and cyber resilience, as well as self-motivated to proactively research threat trends and relevant cyber incidents.
• Knowledge of best practices and relevant standards within the area (e.g. ISO27000, NIST, IRAM2, MITRE ATT&CK).
• Competence within technical vulnerability and IT fundamentals is an advantage (e.g. networks, operating systems, databases, storage, cloud, infrastructure, backup/ disaster recovery, IT security architecture, IT operation or security of enterprise IT).
• Fluency in English and Norwegian, both written and oral.

The application window for this role will close on 10 February, 2025. To ensure your application is considered, please submit it before this date. Note that the job advert will be removed on the indicated "end date" found on top of the advert. 

What can we offer you?

We want you to have a rewarding and fulfilling work life. That’s why we offer

Not just a job - a career

In Equinor, your development begins on day one. You will build your competence through a wide range of learning activities while being empowered to build your career across multiple disciplines and geographies. Our internal job market allows a wide range of opportunities for development and growth within your own field, or even in other areas you find interesting and relevant.

Attractive rewards

We give you a comprehensive benefits package with a competitive salary, global parental leave, variable pay schemes and a share savings plan.

Wellness and work-life balance

We care about and prioritise our employees’ well-being. We know that for you to be the best version of yourself in the workplace, being able to collect your children, attend a class or simply enjoy social time can be invaluable. That’s why we encourage you to make use of our flexible work arrangements wherever possible.

An inclusive culture

We believe embracing our differences makes us stronger. For us, true inclusion means being able to bring your whole self to work, and for you and everyone else to feel accepted and valued.

Equal opportunities for everyone

Equinor is an equal-opportunity employer. We make all employment decisions, which include hiring, promotion, transfer, demotion, termination, and training, without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, parental status, veteran status, or any other protected status. 

As part of this commitment, reasonable adjustments will be made during the recruitment process for candidates with disabilities or long-term health conditions. If you have any specific requirements, please clarify this in your application and our team will be in contact to see how we can support your needs. 

Important notes about the application process

We expect you to openly offer all relevant information about yourself during the recruitment process. Background checks are performed on all final candidates, and all permanent and temporary hires will be screened using relevant sanctions lists to ensure compliance with sanctions laws. When applying for a job in Norway you will be asked for information on affiliation to high-risk countries for a security assessment.