The Group IT & OT Security Specialist is responsible for designing, building, testing and implementing enterprise-class security systems and solutions in the Mowi IT & OT environment to protect technology at our hatcheries, fresh-water, sea-water, factory and office locations against unauthorized access, modification or loss. As a business driven organization, this role will be responsible for helping to educate all employees, secure technology and processes to effectively manage risk, while remaining current with the evolving threat landscape. It will be imperative to strategically leverage technology, processes and talent to protect the confidentiality, integrity and availability of information for our employees, customers and clients.
You will be responsible for, but not limited to:
- Keep Mowi information security architecture aligned with business and technology strategy up to date with emerging threats and vulnerabilities
- Review security controls deployed within Mowi are effective at mitigating the identified security risks, identify design gaps in existing and proposed architectures and recommend changes or enhancements
- Set security checklists, guidelines or standards in the procurement of new technology within IT and OT.
- Embed and maintain a set of key information security architecture principles and controls within the design phase of projects and change management processes
- Ensure that security requirements and engagement outcomes are properly documented, agreed and reported into all necessary risk and compliance processes and registers.
- To oversee the review of the proposed cloud, firewall, identity, proxy, and other infrastructure changes to determine secure rules, whilst meeting the needs of the business are met with a risk-based approach
- Awareness training of the workforce on information security standards, policies and best practices
- Conduct penetration testing, simulating an attack on the system to find exploitable vulnerabilities.
- Monitor security breaches that detects intrusions and anomalous activity on networks and systems behavior
- Prepare and present information on infrastructure plans, progress, and resolution of information security gaps to leadership
- Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage
- Design and implement third-party secure connectivity models in compliance with Mowi security standards
- Work with global IT Teams to perform all the above
- University degree or equivalent qualification in Information Technology, Information Security or related field, or relevant industry knowledge and experience
- Eight to ten years of experience working in information security architecture in a global business, designing and implementing best practice solutions, including continuous monitoring and making improvements to those solutions
- Technically proficient with advanced network security and access management solutions, endpoint security solutions, security considerations of cloud computing and related attack pathologies
- Knowledge of risk assessment procedures and experience in working with security relevant standards and frameworks (NIST, ISO 27001, COBIT etc)
- Technical proficiency in broader areas of IT, including networking, servers, web applications, databases, desktops and mobile devices
- Appropriate industry certifications (ISSAP, SABSA, TOGAF, CISSP, CEH, CESG, CISM, etc)
- Effective communication skills in English, written and verbal.
- Demonstrated desire to work as a part of a high performing team
- Proven ability to operate effectively in a geographically diverse environment
- Individual should be organized, able to work independently and within a team environment, able to collaborate across functional organizations to accomplish tasks.
- Bring a fresh and creative perspective to problem solving
Work office: one of our Mowi offices in Europe.
Job Type: Full-time
- relevant: 8 years (Preferred)
- United States (Preferred)