Security Consultant

FR  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Description

Job purpose

- In conjunction with the Lead Security Architect develop and maintain an Information Security (IS) strategy for the my client; ensure the IT Strategy is aligned with the Global IT strategy, Business Objectives, Global IT programs eg Global Front Office refresh, and group policies & standards.
- Support the Group Security Management team in safeguarding the confidentiality, integrity and availability of my clients information assets by authorized users and by ensuring the most appropriate security technology is selected.
- Act as the my clients Security Architect ensuring all client architecture complies with the clients Policy & Security best practices.

Main Tasks & Responsibilities

- Support team in developing a client specific Security Architecture framework focused on covering the following core areas of concern authentication, authorization, audit, assurance, availability, asset protection administration and risk management.
Ensure this process is implemented and adhered to by all Information Security personnel across the IT Organization.
- Work with the Policy & Awareness Manager to ensure the client Security Strategy & Security Architecture standards are contained within the IT Policy framework.
- Develop and maintain an up-to-date Security Technology landscape definition to help in development of Security and IT Strategy.
- Research, review and evaluate new security technology and where appropriate make recommendations to the IT Leadership Team to incorporate those technologies into the clients IT environment.
- Ensure the client IT development complies with security best practices and policies.
- Review of source code to identify vulnerability.
- Both operational testing tasks and strategic tasks: Coordinate security test resources (both internal & external); Research, evaluate, review and recommend the most appropriate security testing technology. Be in charge of part of the tests. Ensure other security tests are carried out across all regions/countries and ensure report findings are followed up and remedial activities carried out.
- Provide concise, relevant and informative Threat Management Reports to IT Management on the status of security technology and overall associated risks within the IT environment.
- Provide support as required for all other security related matters as reasonably requested by the Global Head of Information Security, Risk & Compliance and Lead Security Architect.
- Provide oversight and governance of providers of enterprise security applications, platforms and services through the definition of security measures and clauses to ensure Managed Security Services are sustainable to meet customer needs. 
- In collaboration with SDM and the Lead Security Architect, develop and deliver an SDLC and Secure Coding standard to ensure security is Embedded throughout the development Lifecycle.

Requirements:

Education requirement:

- University degree preferably in a technical subject or any comparable education. Master is preferred.

Experience:

- 5-8 years' overall experience/3-5 years' experience in a similar role and within a multinational organization.

Preferred certifications:

- CISSP, Togaf 9.1, Zachmann, Sabsa, MCSE 2008 R2 or greater, Certified Ethical Hacker v9 (C.E.H)

Knowledge:

- Security testing tools such as Fortify on demand.
- In depth knowledge of Risk Management frameworks and demonstrable knowledge in key Information Security standards (such as COBIT, RiskIT, ISO 27001).
- Proven knowledge and real world experience of Security Architecture, Enterprise Architecture frameworks/methodologies and in particular Threat Modelling techniques.
- Proven knowledge and real world experience of Project Delivery Methodologies such as Prince 2, SCRUMM and Agile.
- Linux, Windows, Unix
- Good to excellent command of English language.

Experience with:

- Development background (C#, Java, HTML 5, Eclipse)/hands-on experience and experience in security strategy preferred.
- Application testing experience
- Demonstrated experience and exposure in the international security arena dealing with security-related issues.

Personal attributes:

- Positively influencing key decision makers/stakeholders of a large multi-faceted enterprise organization. Good ability to convince and influence stakeholders from all backgrounds
- Strong team player
- Ability to build pro-active, co-operative working relationships with customers, peers and key stakeholders based on respect and team work.
- Experience with and sensitivity for different cultures.
- Ability to act under strong pressure and to manage efficiently crisis situations.
- Good in leadership, inspiring, encouraging and providing constructive criticism to help improve performance of colleagues.
- Able to evaluate information, identify key issues and formulate conclusions based on sound, practical judgment, experience and common sense.

Spring Technology is acting as an Employment Business in relation to this vacancy.

Spring Technology is an Equal Opportunities employer; we welcome applicants from all backgrounds.

Start date
ASAP
Duration
3 months
From
Spring Technology
Published at
03.12.2016
Project ID:
1249547
Contract type
Freelance
To apply to this project you must log in.
Register