Cyber Security Manager

Are you passionate about Cyber security? Do you want to help defend independent journalism and the free press from cybersecurity threats? Do you want to work with high-traffic internet websites?

We are looking for someone who wants to create a cyber security culture in Schibsted News Media. We are one of the largest media organisations in the Nordics and consist of several large online newspapers in Norway and Sweden like VG, Aftonbladet, Aftenposten, SvD, BT and smaller sites like tek.no, minmote.no and godt.no.

As a Cyber Security Manager you will work across the organisation, both with engineering teams to establish a security culture and build security into their products and with journalists to make sure they avoid cybersecurity risks. You will also be part of a larger cyber security community in Schibsted consisting of security managers and security engineers from other Schibsted companies.

Your main responsibilities will be:

• Create a cyber security culture across Schibsted News Media
• Develop our community of cybersecurity champions
• Maintain our security strategy, risk log and roadmap
• Own our private bug bounty program
• Help to implement security best practices across the organisation
• Respond and mitigate security incidents together with our SOC
• Identify risks and launch initiatives to fix security vulnerabilities found by automatic scanning tools.
• Security training of developers and journalists

We would like you to have most of the following:

• A strong security background
• Good communications skills
• Good people skills and appreciate working with other people to solve security problems
• Excellent skills in spoken and written English. Proficient in a Scandinavian language is a big plus
• Committed, self-driven and like to take initiative for improvements
• A bachelors or masters degree in computer science or similar is nice, but experience matters more. Security certifications like CISSP will also be appreciated
• A strong Linux/Unix background
• Experience with securing large, high-traffic web applications including penetration testing and/or DAST- and SAST-tools
• Experience with DevOps practices and infrastructure-as-code
• DevSecOps experience with an «automate everything»-mindset
• Knowledge about security in public cloud environments like AWS, Google or Azure
• Knowledge about security in Docker containers and inside Kubernetes environments
• Experience programming in Go, Perl, Python, PHP or other programming languages

We hope you have the following personality:

• A positive and can-do attitude
• Solution-oriented and pragmatic
• An interest in cybersecurity
• An interest in independent journalism and the free press
• Deep interest and curiousness in the technology space of security
• Perseverance and focus on implementing from start to completion

We offer you an exciting position in the heart of one of the biggest media- and tech companies in Norway and Sweden with a competitive salary and benefit package. Schibsted News Media operates several high traffic internet sites with a lot of interesting challenges and has amazing colleagues across Norway, Sweden and Poland