OBS! Ansökningsperioden för denna annonsen har
passerat.
Arbetsbeskrivning
Sandvik Cybersecurity Incident Response Team (SAND-CSIRT) is seeking a CSIRT Lead to join our team of defenders. Leading the team in handling complex cybersecurity incidents globally across the company and further develop our capabilities to safeguard Sandvik. And when we say globally, we literally mean every corner of the world.
The CSIRT is part of our Cybersecurity Defense Centre, which also include our Sandvik SOC team and a Cybersecurity Architect team. All three teams work closely together with the same goal - secure Sandvik by handling cybersecurity incidents from detection to recovery, as well as working proactively by detecting and responding to threats and ensuring Sandvik’s solutions adheres to the security policy’s set out.
About the job
You’re part of the team that finds the entry point of an attack, figuring out what was exposed and if any data was extracted and together you constantly evaluate our attack-surface and how to protect Sandvik in the best possible way.
In this role, you’re:
leading the team in developing our capabilities to secure Sandvik.
continuously developing the roadmap for the CSIRT team, in line with the overall Cybersecurity strategy and goals.
ensuring incident response processes, guidelines and infrastructure are adequately documented and maintained
part of the team leading the technical work with complex and long running incidents.
together with the team, developing new tools as well as adapting current tools; helping us perform our detection and respond quicker and better.
together with the team developing ways to prevent cyber related encounters that we can get affected by or just don’t want to have.
collaborating with our stakeholders in security matters, ensuring that incident response plan is up to date
taking lead in setting up exercises to ensure that we can manage any relevant threat to the organization. and ensuring that processes are updated, accessible and adhered to.
The location for this position is either Stockholm or Sandviken, Sweden.
Who you are
We’re looking for someone with extensive experience from incident handling combined with a proven track record of automation and a drive for continuous improvements. Your background includes working hands-on within the cybersecurity area and preferably within an enterprise IT environment. You also have experience from a leading role within a team (for example, team-leader, technical lead, leading projects etc.).
To be successful in this role, you also need experience or knowledge in/of:
security incident management (preferably in a CSIRT)
maintaining, updating and produce process and guidelines-documentation, roadmaps
documenting tooling and infrastructure
stakeholder management
the ITIL framework
technical solutions like Firewalls, Switches and Active Directory structures
various operating systems such as Windows or Linux
excellent English skills, verbal and written.
While it’s a plus if you have:
familiarity with common protocols found in enterprise environments as well as common solutions for collaboration, client and server platforms, identity and networking
experience from different cloud environments
programming and scripting skills
an IT degree or the equivalent experience gained from work.
Your personality truly makes the difference! You’re a curious individual with a drive to develop our capabilities and at the same time advance yourself both personally and professionally. Your drive and curiosity inspire other, and you tend to find yourself in a leading role, informal if nothing else. Being an excellent communicator and team player, you truly believe in collaboration, but at the same time you’re also independent and self-going. You’re used to work in an ever-changing environment, and are able to multitask, work with agility and navigate ambiguity and at a high rate of change.
Our Sandvik culture
At Sandvik, we’re tech driven, innovative and entrepreneurial. We believe that success is a team effort so we value diversity and are committed to creating an inclusive culture where people can be themselves and reach their full potential. So, we invest in supporting each other, learning together and celebrating our differences. Visit our stories hub, LinkedIn or Facebook to get to know us further.
Application
Send your application no later than January 16, 2023. Read more about Sandvik Group and apply at home.sandvik/career (Job ID: R0044161).
As we aim for a fair recruitment process, we utilize assessment tools to safeguard objectivity. When you apply for this job, you will therefore receive an invitation via email to a personality and logic ability test. Feedback comes immediately after the test has been completed and the selection process begins after the application deadline.
Contact information
For further information about this position, please contact:
Daniel Häggquist, Acting Manager Cybersecurity Defense Center, +46 (0)72 235 32 80
Union contacts - Sweden
Malena Rackner, Unionen, +46 (0)26 262 748
Göran Norell, Akademikerföreningen, +46 (0) 26 26 65 74
Peter Olsson-Andrée, Ledarna, +46 (0)26 26 19 84
For more information about the recruitment process, please contact HR Services, +46 (0)26 261 444.
Recruitment Specialist
Irene Sveen
Sandvik is a global high-tech engineering group offering solutions that enhance productivity, profitability and sustainability for the manufacturing, mining and infrastructure industries. We are at the forefront of digitalization and focus on optimizing our customers’ processes. Our world-leading offering includes equipment, tools, services and digital solutions for machining, mining, rock excavation and rock processing as well as advanced materials. In 2021 the Group had approximately 44,000 employees and revenues of about 99 billion SEK in about 150 countries.