Cyber incident response team lead and relationship manager

We are looking for a team leader for the NFCERT operative incident response team based in Oslo. The team supports our members’ cyber defense and cybercrime teams with specialist incident response services, coordination and information sharing. You can lead the team without being part of the on-call group, or you can be a ‘playing coach’ who is part of our 24/7 on-call group.

As a relationship manager, you will maintain an active dialogue with members and partners in order to ensure that the NFCERT operative function meets our members’ expectations.

We are a small and agile organization – with us you will make a significant impact together with a small team of motivated and competent colleagues.

Responsibilities

·      Team lead for the incident response/on-call team

o  Enable and support the team in delivering incident response services

o  Help the team develop, mature and improve – e.g. using SIM3 or similar models

o  Define competence needs and meet those needs (by training, recruiting, etc.)

o  Plan and run exercises and exercise participation (e.g. with members, or national cyber exercises)

o  Reporting and communicating team goals, progress and achievements

·      Build and maintain organizational and personal relationships with members and partners/stakeholders

·      Ensure success within NFCERT member community and external network

o  Responsibility for following up a defined set of members and partners

Required competence

·      Strong cyber security and software/technical understanding

·      Cyber incident response processes and techniques

·      Teamwork, team development, coaching

·      Agile style of working, delivering value by working in networks

·      Ability to build good relations with members, partners/stakeholders (including government)

·      Communicate well with all levels - management/administrative and technical personnel

o  Presentation – e.g. to conferences and workshops

·      Experience with communication and cooperation in organizations of all sizes.

·      Master's degree, e.g. M.Sc. in software or cybersecurity

·      Languages:

o  English as the main working language – fluent written and oral

o  One of Danish, Swedish or Norwegian – fluent written and oral

Competencies that will be a plus

·      Experience with incident response with multiple actors involved (e.g. customer and multiple vendors/other stakeholders.)

·      An understanding of the financial sector and its infrastructure (financial institutions, key vendors, FSA, National bank, associations)

·      The legal framework for cyber security work in financial institutions

·      Experience with FSA relations and central financial infrastructure

·      Experience with participating in, or running – cyber threat sharing groups and activitites

·      Experience with cyber threat intelligence

Personal characteristics

·      “People person” who is cooperation-oriented. Candidate must be able to create good working relations with team members, colleagues, members, partners and vendors

·      Ability to see many perspectives, and to change between them (e.g. from a detailed technical perspective to sector-overview)

·      Ability to thrive with uncertainty

·      Structured, curious and passionate

Other

·      Candidate must pass security clearance

·      Some travel expected in the Nordic Countries