#15283 | 2019-11-25 Oslo, Norway

SOC/CSIRT Specialist (M/W)

For our client involved with renewable energy, we are looking for SOC/CSIRT Specialist to assist a Cybersecurity project, assessment, planning and implementation to ensure the maturity of existing CSIRT.

About the assignment:
The mission of CSIRT is to avoid or minimize business impact for attempted or conducted cyber-attacks against the client’s digital values. CSIRT acts as a central hub of contact, correlation and coordination of security events based on current threat situation, business risk appetite and regulatory requirements.

The client is looking for a consultant to assist the MI 2019 Cybersecurity project, assessment, planning and implementation strengthen CSIRT as a project track under MI (Market & IT) strategic initiative named MI 2019 Cybersecurity to ensure maturity of existing CSIRT.

Tasks and responsibilities:
  • Perform an assessment of current CSIRT function (as-is)
  • Assist to define a future to-be CSIRT function including Organizational, Human, Tools and Processual parameters in cooperation with CSIRT Manager. This includes, but is not limited to, defining to-be mandate, authority, service description and organization requirements.
  • Perform a gapanalysis and develop and implement CSIRT to the agreed maturity level in cooperation with the CSIRT Manager.
  • Contribute to maturity and strengthen CSIRT in close corporation with CSIRT Manager and the Cybersecurity project with the purpose of ensuring CSIRT FIRST membership before 1.7.2020.
  • Act as Cybersecurity Subject Matter Expert, you will develop the CSIRT function based on existing As-Is setup towards a stronger and more mature Cybersecurity organization in close corporation with GRC (Governance, Risk, Compliance) and Cybersecurity Architecture as a project resource under “Strengthen CSIRT track”
  • Ensure Cybersecurity Compliance to include EU CyberAct19, NIS, GDPR, Krbf (Kraftberedskabs Forordningen) within IT-OT (Business Critical and Production Critical) Cybersecurity solutions in compliance with national ICT security legislations, when applicable
  • Provide input to and develop polices, processes and technical solutions supporting the CSIRT function.
  • Develop new stronger IT-OT Cybersecurity services to MI customers
  • Contribute to implementation of relevant processes and tools to increase quality and efficiency for detecting and responding to cyber security events.

Key Competence requirements:
  • Participated and facilitated Cybersecurity workshops and meetings with purpose of strengthen CSIRT defining a strong Cybersecurity baseline for 2020-2022.
  • Should have knowledge and experience with NIST-SANS-CIS controls, 3-lines of Defence methodology, principles
  • Risk Assessment, i.e. BowTie or similar MoR model knowledge
  • In-depth understanding of SIEM/SOC/CERT strategic, operational, tactical and technical estimation, planning and implementation
  • Must have experience working with establishing or managing an Incident Response Team or SOC team
  • Experience with ENISA CSIRT maturity assessment model
  • Experience with common analysis and tools for collecting and analyzing network traffic and logs (SIEM, IDS, Splunk, Fire Eye etc.)
  • Familiar with cyber security frameworks (such as Cyber Kill Chain, MITRE ATT&CK)
  • Experience of working with both waterfall and agile project methodology.
  • Minimum 10 years of experience from intelligence or security industries, military, police, IT Security or similar
  • Knowledge about NO/SE Cybersecurity key stakeholders to include NSM, NSFC, NVE, KraftCERT.
  • Knowledge of Cybersecurity architecture requirements: performance, maintainability, extendibility, scalability, availability, security and accessibility
  • Aware of emerging technologies – EDR, Splunk, Fire Eye, IT-OT technologies
  • Aware of relevant Cybersecurity information in an International organization and sources for best practices

Personal skills:
  • Must be able to pass a security background check at level NATO Secret.
  • Communicate in an open and straight forward way

Language requirements: English
The consultant should have excellent communication skills in English.

If you wish to show your interest or you have any questions, please do not hesitate to get in touch.

Start: 6th of January
Duration: 6 months (+ option for extension)
Work location: Oslo, Norway
Requirements: Min. 5 years of professional IT experience.
Job type: Freelance

Das Projekt ist nicht mehr vakant

Wir bedauern Ihnen mitteilen zu müssen, dass die Suche nach passenden IT-Beratern für dieses Projekt bereits abgeschlossen ist.

Bitte klicken Sie auf „Verfügbare Projekte“, um alle vakanten Projekte einsehen zu können.

Sie sind Kunde und auf der Suche nach einem ähnlichen Profil? Bitte nutzen Sie das Formular „Beraterprofil ansehen“ auf unserer Internetseite für Kunden.

ProData Consult uses own and third-party cookies for the purpose statistics, preferences and optimization of the website. Third parties may use cookies for targeted advertising. By accepting you give us your consent to the use of cookies. Read our Cookie Policy for more information. You can always withdraw your consent here: Impressum, Datenschutz & Cookies

The website requires the use of ‘Necessary cookies’. Our necessary cookies are only used for the purpose of deliver a proper functioning website and webservice.

Selected third parties may serve cookies on your computer or mobile device to allow relevant adverts to be delivered to you on third party websites.