IT Security Architect

Company Description

Statkraft has been making clean energy possible for over a century. That’s what we offer. 125 years of unrivalled expertise in supplying the world with what it needs most. Because in the fight against climate change, we don’t see renewable energy as part of the solution – we believe it must be the solution. With us, you’ll shape a career that is truly forward-facing with many amazing opportunities and offerings to match.

But there’s more work to be done – that’s why we need you to join us.

Job Description

Our Cyber Security department is contributing to protect all business areas in Statkraft. We use our expertise within security frameworks, standards, and best practices, as well as our in-depth technical knowledge to understand and support different initiatives and day to day operations. We collaborate with other security domain areas in Statkraft as well as external partners to keep each other informed and protected, and to further our profession and skillset.

Our department consists of specialists passionate about their field and thriving in the dynamic and complex environment – and we are currently looking for a new colleauge to strengthen our IT Security Architecture team!
 

Your Role:

The IT Security Architect role in Statkraft relies on good communication skills, influencing the positive and mature IT security posture throughout the organization, and using the security mandate to protect and improve the IT security services and IT architecture.

You will report to Head of Cyber Security Architecture and your tasks will include the following:

• Assess and design secure and compliant solutions with customers, bringing security requirements and best practice early into the design process, and monitor their implementation
• Build relationships and collaborate with stakeholders, system owners, IT specialists, and process control specialists to ensure all visions are aligned
• Implement administrative and technical security controls throughout the global IT and process control environment
• Develop and maintain security standards, guidelines, and best practices for secure development and testing across different platforms and technologies
• Provide guidance and support to developers and testers on how to implement security controls and tools in their workflows and ensure compliance with security policies and regulations
• Promote security culture among the development and testing teams on security topics and best practices
• Evaluate IT and process control infrastructure changes and requests that impact security
• Provide practical security requirements to projects and activities that helps both the end-user and the organization to balance security – based on established security policies and standards
• Assist with internal and external security audits and assessments, and facilitate third party security assessments
• Collaborate with GRC team on risk assessments, mitigations, and subject matter expertise
• Collaborate with CSIRT team to ensure that findings are addressed through robust processes, IT, and process control security architecture
• Continously improve sercurity poilcies and processes based on your experience, observations and research

Qualifications

• Passionate about cybersecurity and have knowledge about threats to critical infrastructure
• Technical background in IT security and development
• Knowledge within one or more of the areas in IT security and process control security, including LAN/WAN networks and communication security, software development security, identity and access management and security operations
• Knowledge about Zero Trust Architecture and concepts
• Work experience with security frameworks and standards (e.g. ISO 27001, NIST CSF, CIS Controls)
• Work experience with risk assessments and risk management process is an advantage
• Work experience with security- and penetration testing is an advantage
• Stuctured, ethical, professional, proactive, and ambitious
• Fluent in English and Norwegian, both oral and writing

Additional Information

What we offer

• Unlimited learning opportunities at various levels of the organization
• The chance to grow your career alongside a truly global network of experts, leaders, specialists, and graduates from different countries and backgrounds
• The opportunity to work somewhere with pride, and be able to honestly say “My work is contributing to saving the planet”
• A work culture that puts emphasis on the individual, offering flexible working solutions, and work-life balance principles
• Statkraft offers competitive terms of employment and benefit schemes, and we’re a trusted employer that puts the safety of our people first. We believe that a safe and healthy working environment is a matter of choice, not chance

Statkraft manages critical infrastructure and services in several countries. We conduct background checks on qualified applicants before hire and in this role you must qualify for Norwegian and Swedish security clearance and authorization. Necessary background check according to Norwegian and Swedish regulatory requirements is needed for this position.

Statkraft’s vision is to renew the way the world is powered. To navigate the complex journey ahead, we need every voice at the table. We therefore work actively to be a diverse and inclusive workplace and welcome all applicants regardless of background, gender, age, sexual orientation, religious belief, ethnicity, nationality or disability.

Application deadline: 12. August 2024. Applications will be evaluated after the deadline. 

Location and travel: The position is located at the main office in Lilleaker, Oslo, Norway.

Contact: For more information about the process, please contact Celina Nybråten, Talent Acquisition Advisor, [email protected].