#15283 | 2019-11-25 Oslo, Norway

SOC/CSIRT Specialist

For our client involved with renewable energy, we are looking for SOC/CSIRT Specialist to assist a Cybersecurity project, assessment, planning and implementation to ensure the maturity of existing CSIRT.

About the assignment:
The mission of CSIRT is to avoid or minimize business impact for attempted or conducted cyber-attacks against the client’s digital values. CSIRT acts as a central hub of contact, correlation and coordination of security events based on current threat situation, business risk appetite and regulatory requirements.

The client is looking for a consultant to assist the MI 2019 Cybersecurity project, assessment, planning and implementation strengthen CSIRT as a project track under MI (Market & IT) strategic initiative named MI 2019 Cybersecurity to ensure maturity of existing CSIRT.

Tasks and responsibilities:
  • Perform an assessment of current CSIRT function (as-is)
  • Assist to define a future to-be CSIRT function including Organizational, Human, Tools and Processual parameters in cooperation with CSIRT Manager. This includes, but is not limited to, defining to-be mandate, authority, service description and organization requirements.
  • Perform a gapanalysis and develop and implement CSIRT to the agreed maturity level in cooperation with the CSIRT Manager.
  • Contribute to maturity and strengthen CSIRT in close corporation with CSIRT Manager and the Cybersecurity project with the purpose of ensuring CSIRT FIRST membership before 1.7.2020.
  • Act as Cybersecurity Subject Matter Expert, you will develop the CSIRT function based on existing As-Is setup towards a stronger and more mature Cybersecurity organization in close corporation with GRC (Governance, Risk, Compliance) and Cybersecurity Architecture as a project resource under “Strengthen CSIRT track”
  • Ensure Cybersecurity Compliance to include EU CyberAct19, NIS, GDPR, Krbf (Kraftberedskabs Forordningen) within IT-OT (Business Critical and Production Critical) Cybersecurity solutions in compliance with national ICT security legislations, when applicable
  • Provide input to and develop polices, processes and technical solutions supporting the CSIRT function.
  • Develop new stronger IT-OT Cybersecurity services to MI customers
  • Contribute to implementation of relevant processes and tools to increase quality and efficiency for detecting and responding to cyber security events.

Key Competence requirements:
  • Participated and facilitated Cybersecurity workshops and meetings with purpose of strengthen CSIRT defining a strong Cybersecurity baseline for 2020-2022.
  • Should have knowledge and experience with NIST-SANS-CIS controls, 3-lines of Defence methodology, principles
  • Risk Assessment, i.e. BowTie or similar MoR model knowledge
  • In-depth understanding of SIEM/SOC/CERT strategic, operational, tactical and technical estimation, planning and implementation
  • Must have experience working with establishing or managing an Incident Response Team or SOC team
  • Experience with ENISA CSIRT maturity assessment model
  • Experience with common analysis and tools for collecting and analyzing network traffic and logs (SIEM, IDS, Splunk, Fire Eye etc.)
  • Familiar with cyber security frameworks (such as Cyber Kill Chain, MITRE ATT&CK)
  • Experience of working with both waterfall and agile project methodology.
  • Minimum 10 years of experience from intelligence or security industries, military, police, IT Security or similar
  • Knowledge about NO/SE Cybersecurity key stakeholders to include NSM, NSFC, NVE, KraftCERT.
  • Knowledge of Cybersecurity architecture requirements: performance, maintainability, extendibility, scalability, availability, security and accessibility
  • Aware of emerging technologies – EDR, Splunk, Fire Eye, IT-OT technologies
  • Aware of relevant Cybersecurity information in an International organization and sources for best practices

Personal skills:
  • Must be able to pass a security background check at level NATO Secret.
  • Communicate in an open and straight forward way

Language requirements: English
The consultant should have excellent communication skills in English.

If you wish to show your interest or you have any questions, please do not hesitate to get in touch.

Start: 6th of January
Duration: 6 months (+ option for extension)
Work location: Oslo, Norway
Requirements: Min. 5 years of professional IT experience.
Job type: Freelance

Projekt avslutat

Tyvärr söker vi inte längre konsulter till det här projektet.

Klicka på ”Till uppdragslistan” för att visa aktuella projekt.

Om du är kund och letar efter den här typen av profil kan du använda formuläret "Visa konsult-CV" på vår andra webbplats.

ProData Consult lagrar data i din webbläsare / enhet med hjälp av cookies i syfte att framställa statistik och optimera våra webbplatser och eventuellt för riktade annonser. Genom att acceptera, ger du oss ditt samtycke till denna användning av cookies. Läs vår sekretesspolicy för mer information. Du kan alltid återkalla ditt samtycke här: Integritetspolicy & cookies

Webbplatsen kräver användning av "Nödvändiga cookies". Våra nödvändiga cookies används bara för att leverera en fungerande webbplats och webbservice.

Valda tredjepartstjänster kan lagra cookies för att placera relevanta annonser som ska levereras till dig på tredje parts webbplatser.