WHAT DOES THE JOB INVOLVE?

Cybersecurity engineer responsible for prevention of damage to, protection of, and restoration of computers, electronic communication systems and services, including information contained therein to ensure its availability, integrity, authentication, confidentiality, and non-repudiation.
This includes identity and access management, security testing, systems hardening, vulnerability management, incident response & detection, application security & cyber threat intelligence.
You are utilizing your knowledge independently to solve highly complex tasks with a short to medium-term tactical impact/risk.
You address key business challenges that align with Equinor’s short and long-term strategy via providing specialist support to your team and others.
You independently communicate within the immediate team, across other areas, and towards key stakeholders from partners or external parties.
You regularly navigate conflicting agendas and may lead negotiations with senior stakeholders.
You resolve challenges, deliver improvements and contribute to shaping best practices.
You promote change initiatives, demonstrate flexibility to adopt new highly complex activities/ways of working and advice others.
You follow and comply with safety, ethics, and compliance requirements and align with leadership expectations and company values.

HERE’S WHAT WE EXPECT FROM YOU:

At Equinor, there are some overall qualities we regard as essential. We want you to identify with the values that guide our decisions and help us succeed and grow: open, collaborative, courageous and caring. We expect you to make safety your priority and to contribute to our zero-harm culture. And for this specific position, we are also looking for:

• Bachelor’s or Master’s degree in relevant field, such as Computer Science, Information Technology or Risk Management. Relevant experience may compensate for requested education level.
• Minimum of 3 years experience with assessing risk and/or cyber security posture.
• Professional interest and experience within the area of risk management and cyber resilience, as well as self-motivated to proactively research threat trends and relevant cyber incidents.
• Knowledge of best practices and relevant standards within the area (e.g. ISO27000, NIST, IRAM2, MITRE ATT&CK).

• Competence within technical vulnerability and IT fundamentals is an advantage (e.g. networks, operating systems, databases, storage, cloud, infrastructure, backup/ disaster recovery, IT security architecture, IT operation or security of enterprise IT).Fluency in English and Norwegian, both written and oral.

• The application window for this role will close on 10 February, 2025. To ensure your application is considered, please submit it before this date. Note that the job advert will be removed on the indicated “end date” found on top of the advert.

ABOUT EQUINOR

Equinor is an international energy company headquartered in Norway, energising the lives of 170 million people worldwide. Our ambition is to be a leading company in the energy transition and achieve net zero by 2050. Our task is enormous: supplying the world with the energy it needs, while lowering emissions to the atmosphere. To achieve it, we are looking for like-minded people to join our team of 22,000 colleagues working in nearly 30 countries. We’re up for the challenge. Are you

Within this position, your key tasks will be to:

• Cybersecurity engineer lead advanced activities to ensure security controls and measures as appropriately incorporated.
• Cybersecurity engineer manage systems design activities to incorporate advanced security controls and measures.
• Conduct in-depth analysis to detect threats and identify advanced security requirements to inform solution interventions.
• Identify the assets that need protection, assessing the threats to those assets, and determining the vulnerabilities that may be exploited.
• Assess that systems adhere to relevant laws, regulations, and industry standards related to cybersecurity.
• Participate in cross-functional teams to ensure the integration of advanced security measures across the organization.
• Provide analytical support for advanced security policy development and analysis.
• Mentor and provide guidance to junior and mid-level team members.
• Propose structuring and delivery of our cybersecurity strategy
• Learn to use automated code scanning tools and manual techniques to identify potential security issues and coding best practice violations.
• Cybersecurity Awareness Campaigns: Develop and deliver cybersecurity training and awareness programs for employees.
• Cybersecurity Risk and IT Compliance: Conduct cybersecurity risk assessments, compliance activities and audits to identify areas for improvement and implement strategic security initiatives. Ensuring adherence to security policies and standards.
• Identity Access Management Process and Governance: Manage access management processes to ensure compliance with relevant security standards and regulations. Provide guidance and assistance to end-users on security best practices, password management, and incident reporting.