Are you passionate about cyber security? Do you want to work with high-traffic internet websites? Do you want to help defend independent journalism and the free press from cyber security threats?
We are looking for someone that wants to help build a cyber security culture in one of the biggest media and tech companies in the Nordics. Schibsted News Media consist of several of the biggest newspapers and internet sites in Norway and Sweden like VG, Aftonbladet, Aftenposten, SvD, BT and smaller sites like tek.no and godt.no.
As a cyber security manager you will be part of the central product and technology organisation, where you will work across the organisation with the Engineering teams to establish a security culture and to support teams to build security into their products. You will also be part of a larger cyber security community in Schibsted consisting of security managers from all of Schibsted divisions.
Your main responsibilities will be:
- Create a cyber security culture across Schibsted News Media and build a community of cyber security champions from each team
- Implement security best practices across the organisation and improve our NIST score
- Respond and mitigate security incidents together with our SOC
- Identify risks and launch initiatives to fix security vulnerabilities.
- Teach important security concepts to development teams, both 1-to-1 and as classroom training
- Review systems and code for security weaknesses and suggest improvements
Skills and Requirements:
We would like you to have most of the following:
- A strong security background
- Good communications skills
- Good people skills and appreciate working with other engineers to solve problems.
- Excellent skills in spoken and written English. Proficient in a Scandinavian language is a big plus
- Committed, self-driven and like to take initiative for improvements
- A Bachelors or Masters Degree in Computer Science is nice, but experience matters more. Security certifications like CISSP will also be appreciated
- A strong Linux/Unix background
- Experience with securing large, high-traffic web applications including penetration testing and/or DAST- and SAST-tools
- Experience with DevOps practices and infrastructure-as-code
- DevSecOps experience with an «automate everything»-mindset
- Knowledge about security in public cloud environments like AWS, Google or Azure
- Knowledge about security in Docker containers and inside Kubernetes environments
- Experience programming in Go, Perl, Python, PHP or other programming languages
We hope you have the following personality:
- A positive and can-do attitude
- Solution-oriented and pragmatic
- An interest in independent journalism and the free press
- Good listening capability
- Deep interest and curiousness in the technology space of security
- Perseverance and focus on implementing from start to completion
We offer you an exciting position in the heart of one of the biggest media- and tech companies in Norway and Sweden with a competitive salary and benefit package. We operate high traffic internet sites with a lot of interesting challenges and have amazing colleagues across Norway, Sweden and Poland.