IT Security Specialist at SMHI

Do you want to become SMHI's new cyber defender and work in a demanding IT environment where modern technologies and smart working methods are standard? We are now looking for an IT security specialist who wants to grow and explore SMHI's digital landscape with the aim of ensuring that our systems and IT environment are protected against threats and intrusions.

About SMHI's IT Operations

A well-functioning IT operation is crucial for SMHI to fulfill its mission. We achieve this by providing user-friendly, cost-effective, and purpose-driven IT services and tools. The IT department consists of about 110 people distributed across four units: architecture, digital workplace, system development, and IT production.

Our IT security specialists belong to the IT production unit, which consists of about 45 colleagues divided into four groups that together are responsible for infrastructure including security, operations, and service of SMHI's important IT environment. The work is characterized by participation and teamwork within and between groups and units. For example, collaboration with the remaining infrastructure operations is fully integrated, which means that our unit comes into contact with the entire range of IT infrastructure. Innovation and flexible working methods are crucial factors for achieving an efficient operation. We constantly have a lot going on, but as an employee, you are still offered great opportunities for professional development both in breadth and depth.

About the Position

As an IT security specialist, you will work with cybersecurity in several different dimensions. We work proactively through environmental monitoring and by following up on the development of events, both large and small. Furthermore, we strive to improve the authority's ability to see what is happening in the IT environment to take appropriate action when needed. We follow up on incidents and review event chains, dig into logs, and look for other signs of cyber-related deviations. As an IT security specialist, you also provide important support to the entire SMHI organization to prevent and deter intrusions.

Together with your colleagues, you will identify opportunities for improvements, prioritize based on desired outcomes, and strive to continuously reduce risks and minimize the consequences of cyber incidents. This may involve developing and implementing new security-enhancing functionality or supporting various technology groups with, for example, hardening platforms and systems, as well as ensuring that technology development occurs in harmony with IT security goals.

You actively participate in threat intelligence, assess the consequences of potential vulnerabilities, and communicate with the organization about risks and risk-reducing measures. You identify and classify events and deviations in the IT environment, minimizing risks and vulnerabilities through technical solutions or by promoting the entire organization's awareness, knowledge, and ability to prevent cyber threats.

The position involves placement in a security class. Swedish citizenship and an approved security clearance with a background check according to the Security Protection Act (2018:585) are therefore prerequisites for employment.

About You

We are looking for someone who has recently completed their education in IT security and has gained at least 1 year of work experience in IT security or infrastructure. Alternatively, you may currently work within IT infrastructure, such as networking or server operations, and wish to switch to and develop within the IT security field.

Post-secondary education in IT security or equivalent competence and work experience in IT infrastructure is a requirement, as well as good knowledge of Swedish and English, both spoken and written.

We consider it meritorious if you have experience in ethical hacking, incident management, or programming in languages such as Python, PowerShell, or shellcode.

We also see it as a strong merit if you have experience/competence in:

• EDR platforms
• SIEM/log analysis
• Digital forensics
• Mission-critical environments
• Penetration testing and vulnerability scanning

We also appreciate competence in networking and/or server virtualization, as well as basic scripting/programming skills in Python, PowerShell, or shellcode.

Your personal qualities and abilities are important for succeeding and thriving in the role of IT security specialist. At your core, you are curious and have a burning interest in technology. You enjoy new solutions as well as change and continuous improvement. You have your own drive and remain motivated and effective even when the results of your work are not immediately apparent. You work closely with your colleagues, which requires collaboration and relationship skills, while you also have personal responsibility to drive and manage your own areas of responsibility. We would like you to have a broad interest in technology and be motivated to work alongside qualified IT professionals in an exciting and challenging environment.

Employment type: Permanent position

Location: Norrköping

Application deadline: 2025-05-04

SMHI is a Swedish expert authority with a global perspective and a vital task in forecasting changes in weather, water, and climate. Based on scientific principles and through knowledge, research, and services, we contribute to increasing the sustainability of society as a whole. Every day, around the clock, all year round.

SMHI is a preparedness authority, and as an employee, you may be placed in a war position at the authority.

Keep in mind that the documents and information you send to SMHI through your application become a public document. This means that all material in the application, including attachments, may need to be disclosed to anyone who requests it unless the information is covered by confidentiality according to the Public Access to Information and Secrecy Act. Please ensure that you primarily write what you consider relevant in relation to the requirements of the position. Consider your privacy and avoid providing information that contains sensitive personal data, information about your or a close relative's health, political opinions, or religious beliefs.