Company Description

Vattenfall is one of Europe's largest producers and retailers of electricity and heat. Our main markets are Sweden, Germany, the Netherlands, Denmark and the UK. The Vattenfall Group has around 21,000 employees. We have been electrifying industries, powering homes and transforming lives through innovation for over a century.

About the role

Would you like to become our Senior Security Specialist and work on securing our IT and OT environment?

IT and OT security is constantly growing in importance at Vattenfall. Our highly secured assets are spread across different European countries; the rapidly evolving digitalization; cybersecurity threats and local security regulations make our work both challenging and interesting to be a part of. Red IT Security and Monitoring Services performs SOC services towards Vattenfall's internal operations performing IT and OT activities. We value your important work in OT & IT and hope you will come and develop this further with us.

As a Senior IT & OT Security Officer, you will work in a team focused on IT security and take an active role in the continuous development and building of our OT security capabilities in the team. You will work mainly in a 2nd and 3rd line SOC role where you also have an active role in building the SOC. You will also collaborate with different businesses within Vattenfall Group and Vattenfall AB IT as well as different groupings within the framework of building and strengthening our IT&OT security capabilities. You would do this by:

• Monitoring and conducting in-depth analysis of alerts in SIEM and EDR, from infrastructure and information systems both in IT and OT environments,
• Ensuring that all incidents, alerts and any exceptions are handled in accordance with established processes and procedures
• Detecting, analyzing and responding to incidents, coordinating with other stakeholders to take and advising on appropriate actions within the context of incidents,
• Write technical reports detailing how the evidence was discovered and all the steps taken during the retrieval (timeline)
• Provide guidance and establish action plans for SOC operations and incidents, among others,
• Conduct in-depth analysis of incidents and events,
• Stay up to date on latest trends, security standards and tools for both IT & OT

Requirements

We are looking for an experienced and ambitious person who is not afraid to ask critical questions and who constantly strives for improvement.

In addition, we would like you to have:

• A bachelor's degree in cybersecurity, information technology, computer science, or an equivalent
• A minimum of three years of experience in cybersecurity (including security operations)
• Experience in data analysis from OT devices for anomalies and misconfiguration
• Experience in analyzing attack activity, malware and suspicious activity and also taking appropriate actions required,
• Experience and familiarity working in various SIEM solutions, more specifically Splunk Enterprise Security, monitoring, incident response and the like,
• Experience in coordinating incident response and the like within IT&OT environments.
• Experience with SOAR solutions is beneficial,
• Experience with Endpoint Detection and Response tools (EDR) and with Intrusion Detection System/Intrusion Prevention System (IDS/IPS)
• Good understanding and knowledge of frameworks and standards such as MITRE ATT&CK Framework, NIST, ISO 27001/2, IEC 62443
• Strong analytical thinking and ability to solve complex problems in the cybersecurity domain
• Excellent written and oral communication skills, excellent interpersonal skills and ability to interact with employees at all levels
• Experience in developing new and implementing detection rules (use-cases) in SIEM tools

Further information

In addition to being involved in shaping the smart energy society of the future, we offer you a developing and varied work with many contact surfaces. For us at Vattenfall, it is important that work and private life have a good balance, which is why we offer flexibility in work and the opportunity to work from home if needed. We also have a lot of other employee benefits such as reduced working hours, favorable occupational pension agreements, parental leave allowance and more. Read more about our benefits here.

Location

Stockholm, Gothenburg

For more information about the position itself, please contact the recruiting manager Joel Franzén, joel.franzen@vattenfall.com. For questions about the recruitment process, please contact recruiter Julia Norberg, julia.norberg@vattenfall.com.

Union representatives via Vattenfall's switchboard, 08 739 50 00. Akademikerna (SACO) - Sofi Wadström and Silvija Vatkovic, Ledarna - Christer Gustafsson, SEKO - Juha Siipilehto, Unionen - Inger Strandberg

Please send your application no later than 1-12-2024. Selection and interviews will take place after the application deadline. We only accept applications via our website.

We are convinced that diversity contributes to building a more profitable and appealing company and strive to be good role models when it comes to diversity. Vattenfall works actively to ensure that all employees have the same opportunities and rights regardless of age, ethnic or cultural background, gender, religion/belief, sexual orientation or disability. Read more about how we work with diversity and inclusion here.

Because the safety of Vattenfall and its employees is paramount, we will carry out a pre-employment screening prior to each hire. These checks are based on your role that you will fill within Vattenfall.

Vattenfall is part of Sweden's critical infrastructure, thus many of our services are classified. If this position is security classified, a security clearance will be carried out before employment, in accordance with the Security Protection Act.

We look forward to your application!