Group IT Security Officer/Expert
5 d. temu

Vattenfall IT

management in decision making with implications for IT Security. You do this by :

  • Developing IT security standards and guidelines
  • Identifying, rating and reporting IT Security risks
  • Validating and assessing the risk for certain IT security changes
  • Performing security reviews and threat modelling sessions, as well as reporting the findings on a risk based approach
  • Ensuring compliance with IT Security standards
  • Embedding security in IT architectural building blocks and solution designs
  • Development of IT security architecture and initiating security improvement initiatives
  • Consulting and guiding the Security Operations team based on the Cyber Kill Chain Models and Cyber Threat Intelligence methodologies
  • You will act as Subject Matter Expert (SME) to support Group ISMS (Information Security Management System), IT, Business organization and critical suppliers, mainly within the area of infrastructure security, application security, cloud security and IoT security.

    You will :

  • Signal risks and improve security measures in Vattenfall organization
  • Actively contribute in reporting to IT management about the IT Security
  • Interact professionally with relevant stakeholders of the organization and will act as IT Security Business Partner.
  • Actively support the Operational IT Risk Management and interact with the Group IT Risk Officer
  • Evaluate, assess, monitor and follow up risks with the Risk Owners. Report and escalate accordingly while supporting and driving mitigation activities.
  • Support, consult and guide business and IT projects as an IT Security Officer to make sure security by design is part of the deliverables and the solutions are compliant to security requirements.
  • About you :

    We believe that you have an academic degree within the relevant areas of Information and / or IT Security. You have minimum 5 years of experience in relevant IT security position in an international / corporate environment and are fluent in English, other languages such as Swedish, German, Dutch and Polish are of additional value.

    You have a high degree of co-operation and collaboration capabilities in a distributed work environment. Also you have proven technical security expertise in one or more of the infrastructure and / or application security.

    Further more you have / are :

  • Current knowledge of relevant IT / Information Security legislations (e.g. Swedish Protection Security Act (NSI), EU NIS Directive, GDPR / data protection, Germany IT Security Act) in the European countries where Vattenfall operates
  • Thorough knowledge of relevant standards, such as ISO27001 / 2, NIST, CIS
  • Experience with and good understanding on Cyber Threat Intelligence methodologies : pivoting models, MITRE ATT&CK Framework, and the Extended Cyber Kill Chain.
  • Good understanding of Cyber Security topics and threat landscape and Cyber Security Incident Response processes
  • Working knowledge of cybersecurity principles, techniques and technologies
  • Past experience as a penetration tester and / or past active role in Security Operations is a plus.
  • Profound understanding of information technologies and architectures in combination with their respective connection to IT areas Security
  • Relevant IT Security certifications are plus. (e.g., CISSP, CISA, CISM, CRISC)
  • And other relevant cyber security relevant security certifications are bonus (e.g. GCFA, GCIA, GREM, GCIH, OSCP)
  • Zgłoś tę pracę

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Mój adres email
    Klikając przycisk "Kontynuuj", wyrażam zgodę neuvoo na przetwarzanie moich danych i wysyłanie powiadomień e-mailem, zgodnie z zasadami przedstawionymi przez neuvoo. W każdej chwili mogę wycofać moją zgodę lub zrezygnować z subskrypcji.
    Formularz wniosku