Are you eager to be part of something new, and make a difference in the Green Transition in the Nordics and in Europe, working towards a fully carbon neutral, sustainable energy system? Do you enjoy working in a diverse and international team balancing many stakeholders? Are you structured and organized? Then you may be just the person we are looking for.

NORDIC RCC CONTEXT

Nordic RCC is established by EU regulation. Our main task is not to identify new profit optimizing services, but to continuously develop services according to legal requirements in a way which adds value to our service recipients (TSOs) and, in the end, to Nordic societies.
This makes the environment that Nordic RCC works in complex, but also highly motivating and engaging, as we are all generally focused on value creation for society in a time where electricity is in focus (security of supply, prices, and energy transition).
We are looking for a candidate who is motivated by this. The candidate is not expected to grasp the complexity and the content of the core business in advance. This understanding will develop over time, and depending on the wishes of the candidate, there will be opportunities for training in the energy systems, markets, etc.
You can read more about Nordic RCC and the services we deliver on our website https://nordic-rcc.net/ or in our report for 2023 https://nordic-rcc.net/wp-content/uploads/2024/04/NordicRCCAnnualReport2023.pdf .

Reporting to the Head of IT Infrastructure & Security, and in close collaboration with CISO, the business units and your Operational IT Security colleagues your responsibilities are:

• Strategy & Governance
• Ensure alignment to IT and NRCC technology to the technology security strategy
• Formulate prioritized Security Roadmap aligned with business objectives, security and risk policies
• Implement and manage security and risk procedures
• Define a formal set of processes by which the organization identifies, measures, controls, and reports on relevant security risks
• Planning & Execution
• Engage proactively and as early as possible in projects and initiatives in IT and NRCC ensuring secure and risk aligned deliveries
• Detect, triage, and coordinate security events / incidents within all environments
• Continuously triage and manage security violations
• Define and implement guidelines for mitigating technology security risks
• Enable compliance with the regulations
• Measurement & Improvement
• Maximize automation of security provisioning and management across solutions and environments
• Track and monitor access of service users to ensure correct access rights are being assigned and maintained
• Implement and maintain automated tools for proactive and immediate monitoring of compliance adherence
• Key deliveries
• Strategy for securing the RCC’s technology and data assets
• Technology security including assessment, monitoring, reporting, and remediation activities
• Detect, triage, and manage security events / incidents within the environment (networks, servers, endpoints, databases, applications, websites, and other systems)
• Early warning and control the impact of a potential breach, and continuously collect, analyze and monitor technology assets for violations
• Technology risk, compliance standards and policies, and ensure adherence to them through periodic trainings, audits and other measures
• Technology work complies with quality standards as well as adheres to contractual, regulatory and legislative requirements
• Technology related risk and compliance
• Provide security related requirements for solutions and development
• Data Custodian coordination

Your work responsibilities and scope of work will develop over time as Nordic RCC develops and as you make your influence. You will work together with the Head of IT Infrastructure & Security to structure the role, so it fits your profile and career development.