For an established client involved with renewable energy we are looking for a seasoned Cyber Security Expert to strengthen the Cybersecurity architecture based on international standards using CIS-Controls version 7.1 and NIST Cybersecurity framework as guidelines. About assignment:
The consultant will work in close corporation with two other tracks: Governance, Risk and Compliance (GRC) and Computer Security Incident Response Team (CSIRT), to include both business critical and production critical stakeholders internally. The project is global, contributing to maturity of the client's Cybersecurity environment. Tasks and responsibilities:
- Implementation of CIS Controls v7.1 using CIS Suite Membership support in close cooperation with Security Architect.
- Implementation of each CIS control to reach the desired security maturity level including gap analysis, estimation, planning and implementation.
- Aligning with Cybersecurity policies, processes and technical standards within the project, especially towards GRC.
Key competence requirements:
- Assist in drafting NIST CSF Framework implementation plan.
- University degree within IT/Cybersecurity or hold equivalent work experience.
- 5-10 years of work experience within Cybersecurity domain.
- Minimum 3-5 years of experience in implementing of CIS Controls / SANS Top 20 in large international organizations.
- Experience of implementing NIST Cybersecurity Framework in Critical Infrastructure Environments is a huge advantage.
- Extensive knowledge of CIS Controls version 7.1 and NIST Cybersecurity Framework.
- Good knowledge of NIST SP 800-53 and ISO 27001.
- In-depth understanding of Cybersecurity policies, processes and technical standards.
- Being updated on the latest security threats and technologies for IT and OT.
- Good understanding of network design and LAN/WAN solutions.
Nice to have:
- Experienced in writing technical documentation, policies and procedures.
- Knowledge of current Critical Infrastructure regulatory requirements in Norway and EU for Power Sector.
- Experience with NO/SE Cybersecurity and Critical Infrastructure stakeholders (NSM, NSFC, NVE, KraftCERT).
- Must have a work permit in Norway and be eligible for Norwegian security clearance at level NATO Secret.
- Excellent writing and oral skills in English language
- Preferably fluent in Norwegian or other Nordic language (Swedish, Danish) in speaking and writing.
- Must be able to travel (up to 10 -15 days/year) if needed.
If you wish to show your interest or you have any questions, please do not hesitate to get in touch. Start:
6 months + option
Min. 5 years of professional IT experience.