We are looking for a Cyber Security Incident Responder to Nordea IT Security Incident Response Team (NITSIRT) which is a part of Cyber Defence Centre.
NITSIRT monitors, mitigates, investigates and hunts for cyber threats. We work closely with other parts of the organization and have a reputation of trusted and skilled cyber experts externally and internally.
Working with skilled, international teams in a fast-paced and inspiring working environment, you’ll play a part in making us truly digital.
More than just a Nordic bank, we’re one of the largest IT employers in Tricity and Warsaw. You’ll have lots of opportunities to expand your abilities and advance your career.
Will you help us lead the way in transforming the future of banking?
Your future responsibilities
As a Cyber Security Incident Responder, you will be investigating and mitigating security threats against Nordea. You’ll work in cooperation with other Cyber Defence Centre’s specialists, responding to incidents, hunting for threats and evaluating on-
going cyber threats and how they affect Nordea by using the latest available tools.
What you’ll be doing :
Your main responsibility will be driving and participating in IT security related incident handling, threat assessments and computer forensics investigations
You’ll work closely with other teams inside Cyber Defence Centre and with our service providers to resolve the incidents
The deeply technical role we’re offering will require interfacing towards internal stakeholders in business and IT and external suppliers at technical, project and management levels
Depending on your skillset, you’ll also contribute to different security related research and development projects
You will also work from time to time as a member of our on-call ring, estimated 8-10 times a year. On-call work is compensated additionally, and it requires being available 24 / 7 and one hour away from the Nordea offices
The role is based in Oslo, Norway. Welcome to NITSIRT where we have the latest tools for responding to cyber security incidents and threats.
Who you are
Collaboration. Ownership. Passion. Courage. These are the four key values that guide us in being at our best. We imagine that you enjoy learning and are excited about bringing your ideas to the table.
You’re dependable, willing to speak up even when it’s difficult and committed to empowering others.
Your profile and background :
You have proven experience in working with security in IT platforms, IT production or infrastructure solutions. Being familiar in how CSIRTs work is a definite plus.
You can easily recognize the typical hallmarks of malicious activities and malicious software. You’re no stranger to analysing the effects and threats vulnerabilities pose to IT systems
You have experience from working with EDR products, SIEM systems, log analysis, malware and traffic analysis. You’re comfortable with working with command line tools at times as well, having experience both from Windows & Linux environments
You have experience from two or more of the following areas : Initiation of response and incident escalation / Incident coordination / Threat hunting / Digital forensics investigations
Fluency in English is a must, since you’ll be engaged with international stakeholders inside the organization and will be reporting about cyber security incidents to management
A University degree and relevant certifications are appreciated; however, to excel in this position you must have a keen interest in Cyber security and be able to see the wider context of things
You are self-initiating, self-learning, an excellent team player, you work with integrity and are able to support your colleagues