Do you want to share your competence and be part of strengthening the assessment of cyber threats?

Hydro is currently strengthening the organization within the area of Cyber Security. As a result, Group Information and Technology is looking for a skilled Offensive Security tester with deep technical knowledge to strengthen the proactive assessment of cyber security threats relevant to Hydro's Information and technology assets within IT and Industrial Control Systems areas. The ethical hacking and penetration testing team is working as an integral part of the Group Information & Technology staff being the second line of defence function in Hydro Group.

This position will be part of a team of highly skilled penetration testers and take part in testing against Information & Technology assets across the Hydro group. From Industrial Control System in plants across the whole value chain of aluminium and energy production to systems and applications connected to a global IT platform serving Hydro globally. The work will include collaboration within a global Information & Technology community across cultures, countries and plants, where the testing will also include travelling to other Hydro locations.

The position are located in Oslo, Norway, and reports to the Cyber Security Manager - Ethical hacking being part of the Cyber Security Strategy & Risks team lead by Hydro CISO.

Key responsibilities:

• Scope and execute penetration tests and vulnerability analysis on a variety of systems, networks, and applications to identify vulnerabilities and weaknesses.
• Report on findings from penetration tests and security assessments.
• Stay up to date with the latest security threats, attack techniques, and industry best practices to continually improve testing methodologies.
• Conducts threat assessments to identify what threats are most likely to target Hydro, and how they would execute their attacks.
• Provide consultative advice and coaching to cybersecurity stakeholders to help them make informed risk management decisions.

Requirements:

• B.S. or MS in Computer Science, Computer Engineering or related degree.
• Minimum of three years of related experience in penetration testing and security assessments.
• Experience from Red Team, Purple Team, Ethical Hacking or other penetration testing activity.
• Subject matter knowledge from utilities or manufacturing industries using industrial control systems within plant operations
• Strong verbal and written skills in English and Norwegian
• Ability and interest to develop external peer network for sharing intelligence.
• Self-motivated and possessing of a high sense of urgency and personal integrity as well as living by the highest ethical standards and values

Optional Certifications: Offensive Security Certified Professional (OSCP), GIAC Penetration Tester Certification (GPEN), GIAC Red Team Professional (GRTP), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Offensive Security Experienced Penetration Tester (OSEP)

Additional information:

Please enclose a cover letter and copies of relevant academic transcripts, diplomas, certificates etc. Only applications received through our online system will be considered, not via e-mail.

As part of our recruitment process, we use Semac for background check

Apply before: 10.04.2024

If you have any questions, please contact:

Hiring manager

Henriette Borgund

Phone: (Norway +47)

CISO

Torstein Gimnes Are

Phone: (Norway +47) 99562623

Recruiter

Birgitta Sanden

Phone:(Norway +47) 97031556