Cyber Security Analyst

On behalf of one of our clients, we are looking for Cyber Security Analyst
Pnr: 6000228

As a Cybersecurity GRC Consultant, you will play a key role in ensuring that client's cyber risks are understood, managed and communicated in a structured and transparent way. You will bridge strategy and execution, ensuring that requirements, risks and controls are actionable, proportionate and aligned with business priorities.
This role requires both analytical depth and strong stakeholder skills, as you will advise leaders, influence decision making, and help embed cybersecurity into everyday processes.

Job Description:

• Maintain, develop and mature client's cybersecurity governance framework, policies and standards
• Ensure alignment with internal risk frameworks and enterprise governance models
• Translate strategy and regulatory requirements into practical, implementable controls
• Facilitate and perform cybersecurity risk assessments across IT, OT and digital initiatives
• Support threat and risk based decision making for projects, suppliers and operations
• Track risk treatment plans, risk acceptance and management actions
• Support compliance with relevant laws, regulations and industry standards (e.g. NIS2, ISO/IEC 27001, IEC 62443)
• Plan and execute internal cybersecurity assessments
• Contribute to management reporting and leadership decision support
• Act as a trusted cybersecurity advisor for projects, product teams and business units
• Collaborate with IT, OT, architecture, procurement and vendor management
• Contribute to secure by design and risk based ways of working
• Support development of cybersecurity guidance, training and awareness initiatives
• Help build a strong risk culture where cybersecurity is understood in the business units

Qualifications:

• Relevant education within cybersecurity, IT, engineering or a related field
• Practical experience with cybersecurity governance, risk management and compliance
• Solid understanding of cybersecurity principles across IT and preferably OT environments
• Experience working with standards such as ISO 27001, NIST, CIS or IEC 62443
• Solid understanding of AI, automation and emerging technologies' effect on Cyber security risk, IT&OT operations, and on data driven technology used for decision support
• Experience from energy, oil & gas, industrial or other complex operational environments
• Familiarity with regulatory requirements such as NIS2 or critical infrastructure legislation
• Experience with third party risk management or supplier assurance
• Certification(s) such as CISM, CISSP, CRISC, ISO 27001 LA/LI (nice to have, not required)

Personal traits:

• Structured, pragmatic and risk based in your approach
• Comfortable working independently while collaborating across disciplines
• Able to challenge constructively and influence without formal authority
• Motivated by improving real world security-not just documentation
  

Applications will be evaluated continuously

Language:

• English
• Norwegian

In Head Energy you get:

• Permanent- or project employment with the best conditions.
• Access to the industry's most exciting job opportunities
• Personal follow-up, mentoring and career guidance
• A large variety of project opportunities
• Good pension- and insurance schemes
• A pleasant and positive work environment
• Access to both specific and general courses.

Video: Solutions that brings you one step ahead
#LI-TS1

Job alert subscription - Register to receive e-mails regarding job opportunities.

Head Energy's application process is simple and straight forward. Upon registering your CV or LinkedIn-profile, you are able to apply to jobs by the push of a button. Keeping your profile up to date will increase our ability to match your competence and upcoming jobs.

Head Energy is an independent Scandinavian engineering & consulting house providing a wide range of products to onshore and offshore industries. We work with reputed clients in Energy, Civil Construction & Infrastructure, and Industry.
Head Energy has more than 900 employees, and offices in Bergen, Stavanger, Oslo, Trondheim, Gothenburg, Stenungsund, Esbjerg, Odense, and Hamburg. We are employee owned, client focused and growth oriented.
We live by our core values: Responsible | Honest | Inclusive | Innovative.
Our vision is to bring our employees and clients one step ahead.