Equinor søker SOC Analyst
We're Equinor, an international energy company with a proud history.
Formerly Statoil, we are 20,000 committed colleagues developing oil, gas, wind and solar energy in more than 30 countries worldwide. We're the largest operator in Norway, among the world's largest offshore operators, and a growing force in renewables. Driven by our Nordic urge to explore beyond the horizon, and our dedication to safety, equality and sustainability, we're building a global business on our values and the energy needs of the future.
The Chief Financial Officer’s (CFO) organisation is a driving force behind the creation of greater value in the company. We are responsible for the financial and legal functions, providing professional support and advice, and for representing the group in financial markets. A key task for us is to ensure high levels of ethical and financial compliance with corporate and external requirements. By means of active stakeholder management, CFO will manage the market perception of Equinor in Norwegian and international financial markets.
The Security Operations Center is organized as a team of analysts and engineers with end-to-end responsibility for our services. We use DevOps principles to deliver effectively and with high quality.
As a security analyst your job will be focused on researching attacker TTPs and translate your knowledge into detection analytics.
You will create hypothesis on attacker behavior and perform hunts to test the hypothesis. The outcome of these hunts will feed back into the detection development process.
We strive to make our detections as accurate as possible. Automation is used extensively to avoid repetitive tasks. When investigating alarms, you will have a range of internal and external information sources at your disposal.
If you're comfortable with scripting languages, such as Python or PowerShell, you will be able to put your knowledge into practice by expanding the features of our analytics platform.
• Develop detection analytics
• Hunt for attackers using available data and tools
• Analyze and process alarms
• Stay updated on adversarial tactics, techniques, and procedures
• Collaborate with Equinor’s cyber security incident response team and other stakeholders when handling incidents
We are looking for both junior and experienced candidates that have a first experience in / a strong interest for / or the will to learn:
• Knowledge about threat actors and their TTPs
• Log analysis
• Scripting (e.g. Python) and SQL
• Security devices and tools
• Enterprise IT systems
• Network security monitoring
• Securing and monitoring industrial automation and control systems
• Experience from security work or IT operations in large organizations is desired. Experience with cloud and operational technology systems is a plus.
• Clear and concise communication both verbally and in writing
• Team player
• Analytical skills and possess the ability to think critically
• Curious and knowledge-seeking
• Ability to live by our safety and security expectations
We offer competitive salaries, a general bonus scheme, good pension and insurance schemes and a comprehensive welfare package. Equinor wants to ensure diversity in terms of gender, age and culture.
Make sure that we are able to give your application consideration: Please attach copies of your diplomas, certificates and grades in English or Norwegian (or another Scandinavian language). Applications submitted without such attachments will unfortunately not be evaluated. If you are in the process of completing a degree, please upload an official temporary transcript or other document describing subjects and grades completed to this point.
Our values are to be courageous, open, collaborative and caring. We believe in these qualities, which are essential for building an even stronger Equinor. If you can identify with them, you could be the one to strengthen our team.
Candidates are expected to openly offer all relevant information about themselves during the recruitment process.
All hires will be screened against relevant sanctions lists to ensure compliance with sanctions law and increase security.
Please be aware that no applications or attachments to applications will be accepted via email.