Job Description

Job Category: IT and Software
:

• Conduct regular security risk assessments for web applications, APIs, and underlying cloud infrastructure (AWS preferred).
• Manage the vulnerability management lifecycle - identify, validate, track, and remediate findings using tools like Snyk, AWS Inspector, or internal scanning utilities.
• Collaborate with development and QA teams to embed secure coding standards and automated security checks into CI/CD pipelines.
• Perform threat modeling, data flow analysis, and impact assessments for new product features and architectural changes.
• Monitor application and infrastructure security logs and alerts to detect anomalies, respond to incidents, and document root cause analysis.
• Ensure compliance with internal ISMS policies and regulatory standards - including encryption, access control, and data retention.
• Conduct periodic access control reviews to uphold the principle of least privilege.
• Support encryption, key management, and API token lifecycle management across development and production environments.
• Maintain up-to-date security documentation, including risk registers, SOPs, and audit evidence.
• Assist with external and internal security audits, preparing evidence and tracking corrective actions to closure.
• Promote security awareness across engineering and operations teams through training and sharing of best practices.

Responsibilities:

• Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave)
• Medical benefits ( Insurance and Annual Health Check-up)
• Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance)
• Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme)
• Additional Benefits (Long Service Awards, Mobile Phone Reimbursement)
• Company bonus/Profit share.

*Benefits may vary based on position, tenure/contract/grade level*
DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity.
Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 2+ years of hands-on experience in cybersecurity, preferably in a SaaS or cloud-based environment.
• Strong understanding of cloud security (AWS), OWASP Top 10, and secure SDLC practices.
• Experience with vulnerability management tools, SIEM, and DevSecOps pipelines.
• Familiarity with ISO 27001, SOC 2, and GDPR compliance frameworks.
• Relevant certifications (e.g., CompTIA Security+, AWS Security Specialty, CEH) are a plus.

Security and compliance with statutory requirements in the countries in which we operate is essential for DNV. Background checks will be conducted on all final candidates as part of the offer process, in accordance with applicable country-specific laws and practices.
About Us:
About Energy Systems
We help customers navigate the complex transition to a decarbonized and more sustainable energy future. We do this by assuring that energy systems work safely and effectively, using solutions that are increasingly digital. We also help industries and governments to navigate the many complex, interrelated transitions taking place globally and regionally, in the energy industry.

Skills Required