Cyber Security Researcher

Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence.

As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations.

About Group functions
Group functions in DNV are experts on finance and accounting, human resources, communication and sustainability, legal, tax and compliance – providing company-wide support, governance and strategic projects. Group also includes our strategic Research and Development unit, which provides science-based insights and foresight to tackle transformations and challenges across the industries we serve.

About Group R&D and the Cyber Security research program

Group Research and Development (GRD) performs strategic and applied research for DNV focusing on knowledge development through collaborations with academia and industry, providing thought leadership through external publications and forecasts, and creates scientific legitimacy to DNV services. A major focus for GRD is to shape the future of cyber security and resilience.

The Cyber Security research program conducts strategic research and develops innovative methods and tools based on a common risk approach to shape the future of assurance in cyber security, addressing technological, societal, human factors, and trust-related challenges across industries. Our aim is to secure industrial assets, high-risk cyber physical systems, and critical infrastructure. We explore the impact of new technologies such as AI and quantum computing, alongside evolving security regulations. We drive innovation through demonstrators and prototypes, testing novel security approaches and barrier principles.

The program was recently formally established and is currently in the process of developing a strategy and identifying the directions for research. We are aiming for an interdisciplinary team with researchers with both technical and non-technical backgrounds.

About the role

You will be taking part in the building of the team, shaping our research priorities, and exploring relevant research areas. You will play a key role in cutting-edge projects focused on industrial cyber security, where IT and OT meet and new threats arise, new legislation, regulations and standards come into play, and the development of new assurance roles for DNV. Your main responsibilities will include:

• Conduct in-depth research on industrial cyber security, legislation, standardization and global regulatory trends.
• Monitor and summarize developments from major standards bodies, government agencies, international agencies, and academic forums.
• Analyze and distill implications of the national, regional, and global trends for assurance of cyber security and resilience.
• Develop pilots to demonstrate use of AI with curated cyber security information repositories and knowledge graphs.
• Collaborate with interdisciplinary teams in joint R&D activities to translate research into novel assurance frameworks for cyber security.
• Collaborate with external academic and commercial partners in externally funded research projects, both nationally and internationally.
• Take the role of PM for internal and externally funded R&D projects on our core research topics.
• Communicate through briefs, position papers, presentations, and thought-leadership articles for internal and external audiences.
• Bring research into action either in DNV business areas or at our customers.

What we offer

You will be part of an international and interdisciplinary team working together to ensure industrial systems are both safe and secure in the future.

• Flexible working arrangements to support work-life balance.
• A supportive and inclusive environment that values diversity and encourages collaboration.
• A work environment committed to diversity and continuous learning.
• Opportunities to work on impactful projects that shape the future of cyber security.
• A collaborative culture that encourages knowledge sharing and professional growth.
• We offer a comprehensive benefits package, including 6 weeks annual vacation, subsidized canteen, competitive pension, insurance, and parental leave agreement, in addition to a global profit share scheme.
• Plenty of opportunities for our employees to connect through social and professional networks. Our largest community CONNECT, throws after-works and informal meetings all year long for you to join.

If you find these goals exciting, we strongly encourage you to apply—even if you’re not sure you meet all the qualifications. We look forward to hearing from candidates of all backgrounds and levels of experience, and perspectives.

Many of our projects and trials to be performed will include dialogue and collaboration with critical industrial or infrastructure operators and may demand access to their assets. The norm is that DNV will need to document security clearance for our researchers, and such clearance will be a topic in the recruitment process.

About you

Our ideal candidate:

• Has an interest in pursuing a career in applied research in cyber security, risk management, governance, and assurance.
• Has a PhD in relevant technical areas, such as cyber security, computer science, cybernetics or similar.
• Has experience or strong interest in industrial cyber security, risk management, sociotechnical perspectives on cyber security, and assurance.
• Is familiar with key international, national and global cyber security initiatives, such as the Cyber Resilience Act (CRA), NIS1/2, the Critical Entities Resilience Directive (CER), ISO/IEC 62443, and others. Familiarity with risk management methodologies is a plus.
• Has programming skills and is able to contribute to both conceptual work and practical system development.
• Has a structured approach to problem-solving and the ability to communicate complex results effectively across disciplines.

Your personal qualities:

• Strong collaborative mindset, and the ability to work independently and as part of an interdisciplinary team.
• Interest and ability to go deep into technical details and at the same time consider technology and cyber security challenges in a bigger picture.
• Passion and intellectual curiosity about the intersection of technology, organizations, people, law, and standards.
• Interest and ability to work with fast-changing research topics.
• Confident English language communicator, verbal and written.
• Relevant academic and/or business network.

Security and compliance with statutory requirements in the countries in which we operate is essential for DNV. Background checks will be conducted on all final candidates as part of the offer process, in accordance with applicable country-specific laws and practices.

DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity.