For our client involved with renewable energy, we are looking for SOC/CSIRT Specialist to assist a Cybersecurity project, assessment, planning and implementation to ensure the maturity of existing CSIRT. About the assignment:
The mission of CSIRT is to avoid or minimize business impact for attempted or conducted cyber-attacks against the client’s digital values. CSIRT acts as a central hub of contact, correlation and coordination of security events based on current threat situation, business risk appetite and regulatory requirements.
The client is looking for a consultant to assist the MI 2019 Cybersecurity project, assessment, planning and implementation strengthen CSIRT as a project track under MI (Market & IT) strategic initiative named MI 2019 Cybersecurity to ensure maturity of existing CSIRT. Tasks and responsibilities:
- Perform an assessment of current CSIRT function (as-is)
- Assist to define a future to-be CSIRT function including Organizational, Human, Tools and Processual parameters in cooperation with CSIRT Manager. This includes, but is not limited to, defining to-be mandate, authority, service description and organization requirements.
- Perform a gapanalysis and develop and implement CSIRT to the agreed maturity level in cooperation with the CSIRT Manager.
- Contribute to maturity and strengthen CSIRT in close corporation with CSIRT Manager and the Cybersecurity project with the purpose of ensuring CSIRT FIRST membership before 1.7.2020.
- Act as Cybersecurity Subject Matter Expert, you will develop the CSIRT function based on existing As-Is setup towards a stronger and more mature Cybersecurity organization in close corporation with GRC (Governance, Risk, Compliance) and Cybersecurity Architecture as a project resource under “Strengthen CSIRT track”
- Ensure Cybersecurity Compliance to include EU CyberAct19, NIS, GDPR, Krbf (Kraftberedskabs Forordningen) within IT-OT (Business Critical and Production Critical) Cybersecurity solutions in compliance with national ICT security legislations, when applicable
- Provide input to and develop polices, processes and technical solutions supporting the CSIRT function.
- Develop new stronger IT-OT Cybersecurity services to MI customers
Key Competence requirements:
- Contribute to implementation of relevant processes and tools to increase quality and efficiency for detecting and responding to cyber security events.
- Participated and facilitated Cybersecurity workshops and meetings with purpose of strengthen CSIRT defining a strong Cybersecurity baseline for 2020-2022.
- Should have knowledge and experience with NIST-SANS-CIS controls, 3-lines of Defence methodology, principles
- Risk Assessment, i.e. BowTie or similar MoR model knowledge
- In-depth understanding of SIEM/SOC/CERT strategic, operational, tactical and technical estimation, planning and implementation
- Must have experience working with establishing or managing an Incident Response Team or SOC team
- Experience with ENISA CSIRT maturity assessment model
- Experience with common analysis and tools for collecting and analyzing network traffic and logs (SIEM, IDS, Splunk, Fire Eye etc.)
- Familiar with cyber security frameworks (such as Cyber Kill Chain, MITRE ATT&CK)
- Experience of working with both waterfall and agile project methodology.
- Minimum 10 years of experience from intelligence or security industries, military, police, IT Security or similar
- Knowledge about NO/SE Cybersecurity key stakeholders to include NSM, NSFC, NVE, KraftCERT.
- Knowledge of Cybersecurity architecture requirements: performance, maintainability, extendibility, scalability, availability, security and accessibility
- Aware of emerging technologies – EDR, Splunk, Fire Eye, IT-OT technologies
- Aware of relevant Cybersecurity information in an International organization and sources for best practices
- Must be able to pass a security background check at level NATO Secret.
Language requirements: English
- Communicate in an open and straight forward way
The consultant should have excellent communication skills in English.
If you wish to show your interest or you have any questions, please do not hesitate to get in touch. Start:
6th of January
6 months (+ option for extension)
Min. 5 years of professional IT experience.