Security Lead

Job Title: Security Lead

Job Type: Permanent

Location: Oslo, Nowray

Key Responsibilities:

• Lead the security team in daily operations, Incident response and threat mitigations.

• Collaborate with IT and business leadership to align the security initiatives with business goals.

• Manage security services like Vulnerability Management, Endpoint security, Risk management, PKI and Network security.

• Conduct regular risk assessments and drive the identifies risks for remediation.

• Ensure compliance with relevant security frameworks ISO27001, NIST and GDPR.

• Mentor and train the security team members in the best practices and new technologies.

• Define Security Roadmap/Strategy and coordinate the initiatives across the organization.

• Define and drive cloud security programs to secure resources on cloud (Azure, AWS, GCP etc.)

• Develop & maintain up to date Information Security policies, processes, and guidelines.

• Review and approve information security specifications, any exceptions/deviations to security policies submitted by internal stakeholders.

• Lead Incident response efforts including detection, analysis and remediation. Coordinate with all internal and external stakeholders during any security breaches.

• Define and conduct Security awareness trainings and programs.

• Evaluate emerging cybersecurity threats and develop effective security controls.

• Oversee Audits and ensure corrective actions are implemented for NC’s and findings.

• Establish strong governance with the team by creating presentations and reports.

• Follow and promote security best practices (from NIST, CIS etc.) within the organization.

• Achieve security goals, objectives and drive continual improvement to mature the security posture of the organization.

Qualifications:

• Bachelor’s degree in computer science, Information Technology.

• Excellent Verbal and Written communication skills and Leadership skills.

• 10-12 yrs of experience in IT security with at least 3 yrs experience in leadership role.

• Certifications: Az-900, Az-500, CISM or equivalent is preferred.

• Strong knowledge on Endpoint security (Defender for endpoint), Vulnerability Management, Risk Management, PKI and Network security.

• Should be familiar with Cloud Security (AWS, Azure).

• Candidate should shave good knowledge on ITIL Process.