Offensive Security Tester

Hydro is strengthening the organization within the area of Cyber Security. As a result, Group Information and Technology is looking for a skilled Offensive security tester with deep technical knowledge to strengthen the proactive assessment of cyber security threats relevant to Hydro’s Information and technology assets within IT and Industrial Control Systems areas. The ethical hacking and penetration testing team is working as an integral part of the Group Information & Technology staff being the second line of defense function in Hydro Group.

This position will be part of a team of highly skilled penetration testers and take part in testing against Information & Technology assets across the Hydro group. From Industrial Control System in plants across the whole value chain of aluminium and energy production to systems and applications connected to a global IT platform serving Hydro globally. The work will include collaboration within a global Information & Technology community across cultures, countries and plants, where the testing will also include travelling to other Hydro locations.

What We Offer

• Professional growth: we are committed to your professional development. You'll have access to ongoing training, certifications, and opportunities to attend industry conferences.
• Flexibility and autonomy: Freedom to shape your workday and approach, supported by our commitment to a healthy work-life balance.
• Break into OT systems: Gain hands-on experience with Operational Technology (OT) systems, enhancing your skills and expertise in this specialized area.
• Global travel: Travel and work in various locations around the world. With Hydro’s presence in more than 40 countries, you’ll experience diverse cultures and environments while hacking into Hydro’s plants.
• Active social groups: Join our Hydro Active group and participate in various social activities and events.
• Meaningful impact: Be part of a newly formed team where you will have the opportunity to shape its direction. Your work will directly contribute to securing Hydro's systems and data.
  
  

Key responsibilities:

• Scope and execute penetration tests and vulnerability analysis on a variety of systems, networks, and applications to identify vulnerabilities and weaknesses.
• Report on findings from penetration tests and security assessments.
• Stay up to date with the latest security threats, attack techniques, and industry best practices to continually improve testing methodologies.
• Conducts threat assessments to identify what threats are most likely to target Hydro, and how they would execute their attacks.
• Provide consultative advice and coaching to cybersecurity stakeholders to help them make informed risk management decisions.
  
  

Penetration tester requirements:

• B.S. or MS in Computer Science, Computer Engineering or related degree.
• Minimum of three years of related experience in penetration testing and security assessments.
• Experience from Red Team, Purple Team, Ethical Hacking or other penetration testing activity.
• Subject matter knowledge from utilities or manufacturing industries using industrial control systems within plant operations
• Strong verbal and written skills in English and Norwegian
• Ability and interest to develop external peer network for sharing intelligence.
• Self-motivated and possessing of a high sense of urgency and personal integrity as well as living by the highest ethical standards and values
  
  

Optional Certifications: Offensive Security Certified Professional (OSCP), GIAC Penetration Tester Certification (GPEN), GIAC Red Team Professional (GRTP), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Offensive Security Experienced Penetration Tester (OSEP)

Additional information:

The position is located in Oslo, Norway, and reports to the Cyber Security Manager – Ethical hacking being part of the Cyber Security Strategy & Risks team lead by Hydro CISO.

Please enclose a cover letter and copies of relevant academic transcripts, diplomas, certificates etc. Only applications received through our online system will be considered, not via e-mail.

As part of our recruitment process, we use Semac for background check

Apply before: 06.03.2025

If you have any questions, please contact:

Hiring manager

Henriette Borgund

Phone: (Norway +47) 48127368

Recruiter

Birgitta Sanden

Phone:(Norway +47) 97031556