CSIRT Security Analyst

CSIRT Security Analyst

Statkraft is a leading company in hydropower internationally and Europes largest generator of renewable energy. The Group produces power out of hydro, wind, solar, gas-fire and supplies district heating. Statkraft is a global company in energy market operations and has over 3600 employees in 16 countries. Statkraft IT is the Statkraft Groups IT service provider and Digitalization Centre of Expertise, delivering a full set of services from business development, change management, projects, application development to operational services

The newly established Cyber Security Department within Statkraft IT is responsible for GRC, Security Architecture and Statkraft CSIRT. Our team is involved with all the different business areas in Statkraft making our daily work very interesting and we get to know Statkraft in depth. The Cyber Security department seeks those who are passionate about their work and thrive in dynamic and complex environment. You always seek best practice and are able to communicate with diverse stakeholders. 

The mission of Statkraft CSIRT is to avoid or minimize business impact for attempted or conducted cyber attacks against Statkraft's assets. Our CSIRT acts as a central hub of contact, correlation and coordination of security events based on current threat situation, business risk appetite and regulatory requirements.

We are now looking for a new CSIRT team member who will perform investigations of potential cyber attacks and intrusion attempts and conduct vulnerability assessments throughout the enterprise using commercial and open source assessment tools. As a Security Analyst at Statkraft you will play an important role in which your contribution help protect critical infrastructure in several countries. You will get the opportunity to influence both your own working day and Statkrafts further development within cyber security. In our team you will work with cutting edge cyber security systems while developing your ninja skills to fight cyber threats.

Security Analyst role: 

• Monitoring, assessment and response on received warnings, alerts and requests
• Perform analysis of security events in cooperation with your colleagues, vendors and relevant partners such as KraftCERT and NCSC
• Perform vulnerability scanning and assessments of technology platforms, evaluate the risk they represent and provide system owners with analysis and recommendations of key risks and remediation plans.
• Perform proactive and reactive threat hunting within networks and endpoints
• Perform in-depth technical investigations during security incidents, including data collection, intrusion analysis and forensics
• Follow up vulnerabilities and security incidents and ensure sufficient measures are implemented
• Participate in security evaluations and risk assessment of ongoing and new solutions and services in cooperation with our Security Architects.
• Contribute to implementation of relevant policies, processes and tools for compliance to regulatory frameworks and to increase quality and efficiency for detecting and responding to cyber security events.

Your profile: 

• You have a burning interest in cyber security and love to work with threat hunting
• Experience working as part of a SOC or Incident Response Team
• Experience with performing vulnerability assessments
• Experience with analysis and tools for collecting and analysing network and host logs (SIEM, IDS, EDR, etc.).
• In-depth understanding of IP protocols and operative systems
• Familiar with cyber security frameworks (such as Cyber Kill Chain, MITRE ATT&CK)
• Familiar with penetration testing and IT system audits
• Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic and solution orientated.
• Scripting skills in at least one of the following is a plus: Python, PowerShell, Perl, Go or Bash.
• Splunk experience will be a huge advantage
• It would be awesome if you already have a CISSP, CEH, GSEC, GCIA, GCIH or other similar security certifications
• Fluent expression in both Norwegian and English is required, both in oral and writing.
• The applicant must be eligible for Norwegian Secret security clearance and authorization.

Statkraft manages critical infrastructure and services in several countries. We conduct background checks on qualified applicants before hire.

Statkraft offers:

• Professional and personal development in an exciting company
• A positive working environment characterised by competence, responsibility and innovation
• A diverse workplace with regard to gender, age and cultural background
• Competitive terms of employment and excellent benefit schemes