Group IT Security Officer bij Vattenfall N.V.
Group IT Security Officer
Do you want to advise Vattenfall organization about IT & Information security risks and are aware of the latest digital security trends, technologies, laws and regulations? Do you also know this area well, have a pragmatic attitude and like to work in a dynamic international environment? Then you might be the Group IT Security Officer/Expert that we are looking for to further strengthen our Group IT Security function!
IT Security is an increasingly important discipline for Vattenfall business through an fast evolving digitalization as well as cyber threats and regulations. Therefore we are looking for an experienced and ambitious person who is not afraid of asking critical questions and that constantly strives for improvement.
As a Group IT Security Officer/Expert you work in a dynamic international team of peers who are the IT Security subject matter experts and the advisor to the organization, our management, employees, business and outsourcing partners. You will be a solid security professional and therefore advise to Vattenfall IT management in decision making with implications for IT Security. You do this by:
- Developing IT security standards and guidelines.
- Identifying, rating and reporting IT Security risks.
- Validating and assessing the risk for certain IT security changes.
- Performing security reviews and threat modelling sessions, as well as reporting the findings on a risk based approach.
- Ensuring compliance with IT Security standards.
- Embedding security in IT architectural building blocks and solution designs.
- Development of IT security architecture and initiating security improvement initiatives.
- Consulting and guiding the Security Operations teams based on the Cyber Kill Chain Models and Cyber Threat Intelligence.
You will act as Subject Matter Expert (SME) to support Group ISMS (Information Security Management System), IT, Business organization and critical suppliers, mainly within the area of infrastructure security, application security, cloud security and IoT security. You will:
- Signal risks and improve security measures in Vattenfall organization.
- Actively contribute in reporting to IT management about the IT Security.
- Interact professionally with relevant stakeholders of the organization and will act as IT Security Business Partner.
- Actively support the Operational IT Risk Management and interact with the Group IT Risk Officer.
- Evaluate, assess, monitor and follow up risks with the Risk Owners. Report and escalate accordingly while supporting and driving mitigation activities.
- Support, consult and guide business and IT projects as an IT Security Officer to make sure security by design is part of the deliverables and the solutions are compliant to security requirements.
We believe that you have an academic degree within the relevant areas of Information and/or IT Security. You have minimum 5 years of experience in relevant IT security position in an international/corporate environment and are fluent in English, other languages such as Swedish, German, Dutch and Polish are of additional value. You have a high degree of co-operation and collaboration capabilities in a distributed work environment. Also you have proven technical security expertise in one or more of the infrastructure and/or application security. Further more you have/are:
- Current knowledge of relevant IT/Information Security legislations (e.g. Swedish Protection Security Act (NSI), EU NIS Directive, GDPR / data protection, Germany IT Security Act) in the European countries where Vattenfall operates.
- Thorough knowledge of relevant standards, such as ISO27001/2, NIST, CIS.
- Experience with or good understanding on Cyber Threat Intelligence methodologies: pivoting models, MITRE ATT&CK Framework, and the Extended Cyber Kill Chain.
- Good understanding of Cyber Security topics and threat landscape and Cyber Security Incident Response processes.
- Working knowledge of cybersecurity principles, techniques and technologies.
- Past experience as a penetration tester and/or as a security engineer operating/managing security products in Security Operations is a plus.
- Profound understanding of information technologies and architectures in combination with their respective connection to IT areas Security.
- Relevant IT Security certifications are plus. (e.g., CISSP, CISA, CISM, CRISC).
- And other relevant cyber security relevant security certifications are bonus (e.g. GCFA, GCIA, GREM, GCIH, OSCP).
Location: Sweden / Netherlands / Germany
The preferred location for the position is in Sweden (Solna/Stockholm) or Netherlands (Amsterdam Area) / Germany (Berlin, Hamburg). We believe that you have possibility to travel regularly to build international relationships within the team and the relevant stakeholders, e.g. to the main Vattenfall locations like Berlin, Amsterdam, Stockholm.
- We offer a challenging and international work environment and the possibility to work with some of the best in the field.
- You will be working in interdisciplinary teams and you can always count on support from committed colleagues.
- A professional environment where your business intelligence knowledge and attitude will bring us one step further.
- A central office location with easy access by public transport.
- Furthermore, a healthy work-life balance (smart working) and time to develop your profession.
- At Vattenfall you get the opportunity to work for a clean energy company that aims for creating fossil free energy within one generation.
- And last but not least; International and multi-cultural work environment with energetic, motivated colleagues that like to have fun as well!
We welcome your application in English, the last day to apply is 1st of September, 2021 via the application form. For more information about the position you are welcome to contact hiring manager Murat Kültür via phone +31611018647. For more information about the recruitment process please contact Christiaan van der Horst via firstname.lastname@example.org.
At Vattenfall, we are convinced that striving for diversity helps building a more profitable, efficient and attractive company. Therefore we seek a harmonious balance of employees in terms of age, religion, gender identity & expression, sexual identity, disability and ethnic background.
Since Vattenfall is part of the Swedish critical infrastructure many of our positions are security classed. If this position is security classed the final candidates can be subject to a security vetting process, according to the Swedish legislation.
Agency calls are not appreciated.