Cyber security is a priority for Powel and its importance is only growing as Powel brings more solutions to the cloud utilizing technologies such as cloud services, hosted solutions, IoT, big data, etc. As CISO at Powel As, you will be responsible for establishing and maintaining the vision, strategy, and program to ensure information assets and technologies are adequately protected both within the enterprise and in Powel products and services. Your scope and influence will be extensive and reach the entire organization. You will have the full backing and support of the executive team reporting directly to the CTO and regularly reporting out to executives and leaders of product units.
- Develop security programs for Information security program development and implementation including
- Direct staff in identifying, developing, implementing, and maintaining processes across the organization to reduce information and information technology (IT) risks.
- Identity and access management strategy and architecture guidance
- Identify protection goals, objectives and metrics consistent with organizations strategic plan
- Incident response program development
- Security awareness program development
- Work with management to prioritize security initiatives and spending based on appropriate risk management methodology
- Determine the acceptable level of information security risk in conjunction with senior management. Advise management on information security risks and appropriate course of action.
- Conducts threats and vulnerability assessments to properly analyze the risks to information security and determines appropriate measures to effectively manage those risks
- Respond to incidents, establish appropriate standards and controls, manage security technologies, and direct the establishment and implementation of policies and procedures. The CISO is also usually responsible for information-related compliance.
- Manage the investigation of security breaches or potential breaches and assist with disciplinary and legal matters associated with such breaches
- Work with outside consultants as appropriate for independent security audits
- Participate in the evaluation, selection and implementation of security products and technologies
- Develop enterprise education and communication plan.
- Maintain deep knowledge of legal requirements and market standards of information security
- Information regulatory compliance (e.g., US PCI DSS, FISMA, GLBA, HIPAA; UK Data Protection Act 1998; etc.)
A Technical BS degree, Computer Science or Information Security professional background.
Certificates, Licenses, Registrations Required
Professional certifications of Certified Information Privacy Professional (CIPP) and/or Certified Information Systems Security
Professional (CISSP) and/or Certified Information Security Manager (CISM) required.
Knowledge and Skills
- Must have a solid understanding of information technology and information security.
- Strong verbal and written communication skills.
- Must understand the unique requirements of security in cloud application solution settings.
- Ability to articulate highly technical information into real world business impact at a senior management level and, conversely, ability to translate senior management business initiatives into actionable technical designs.
- Knowledge and experience implementing Security Development Lifecycle (SDL) in development projects
- Knowledge and experience with utilizing Microsoft Azure Security Center a plus.
- Should have experience with auditing, and risk management, as well as contract and vendor negotiation.
- Familiarity with current Cybersecurity management frameworks
Location can be Trondheim or Oslo.
If you are interested in this role, please send your application and CV to firstname.lastname@example.org before 30 January 2017.
Please mark your application with “Chief information security officer” in the subject field.
For any questions about the role, contact Chief Technical Officer Cloud, Kevin Gjerstad on (+47) 905 44 225
ABOUT POWEL AS
Powel AS, headquartered in Trondheim, Norway, delivers business-critical software solutions and related services specifically designed to help energy companies and public utilities improve daily operational processes and service quality. The company is a market leader in software solutions for grid operations and maintenance, energy production and smart metering, with offices in Oslo Norway, Sweden, Denmark, Poland, Turkey, Switzerland and Chile. Powel's client list includes 1,000 public and private customers in Europe. Founded in 1996, Powel AS is a privately held company with more than 480 employees. www.powel.com
Powel is focused on supplying modern, intelligent cloud applications and solutions. By combining state of the art software technology including advanced analytics, machine learning and big data solutions, with decades of industry expertise and technological know-how, Powel creates the ideal basis for customers to optimise their business activities. Powel’s systems are business critical for generators, traders and utilities in open markets. Years of experience in and in-depth knowledge about these deregulated and highly competitive markets have positioned Powel AS as a market leader in the Nordic region.