Description
Security Analyst/Security Business Analyst (Data Protection) - Brussels - English speaking - 12 months+
(Security Consultant, Security)
One of our Blue Chip Clients is urgently looking for a Security Analyst/Security Business Analyst.
Please find some details below:
Description: Security is at the core of the company's services, firmly Embedded in their management systems and processes.
The Data Protection Governance team is part of the Cyber Information Security Office Division and is in charge of defining the strategy, analysing requirements and guiding the Data Protection Engineering team in implementing, operating and managing Data Protection Software used to detect and protect data from corruption, compromise or loss.
You will work at Client headquarters in the centre of Brussels.
Role:
This is a Security Analyst role where you will define the strategy for managing the security of the company data and help engineers and security architects in the design, selection and operation of Data Protection, the products' life cycle and configuration. This role includes defining requirements, scoping initiatives, working on the governance aspect of data protection but also reviewing design of new products, reviewing integration of new applications, and reviewing support/maintenance procedures.
In the Data Protection Services Governance team, you are expected to:
Participate to the definition of the Data Protection Department Strategy
Define requirements for the different initiatives of the Data Protection Department
Define requirements for the product selection to implement the Data Protection Strategy
Help Project Leaders lead the different initiatives of the department from a content point of view and ensure review and understanding
Ensure reporting of the evolution of the Data Protection controls and their compliance to regulation
Participate to Audits by answering compliance objectives and questions related to data protection
Participate in the ongoing monitoring our encryption posture for data in transit, data at rest and data in use.
Assist with the improvement of the encryption solutions by reviewing and updating the encryption policies and identifying rules/requirements which require fine tuning
Assist in the selection, architecture, design, implementation and maintenance of the data encryption tools
Assist in the enforcement of the encryption policies with the respective data owners
Identifying vulnerabilities of attacks to cryptographic systems
Comparing and contrasting various cryptographic attack techniques
Analyzing data using mathematical/statistical methods
Assist in conducting security evaluations and contribute to the design of counter-measures to address cryptographic vulnerabilities
Participate in defining remediation actions to meet internal and external regulatory requirements
Partner with representatives of CISO, IT, Risk and other key business teams to advance data protection initiatives
Develop a high-level of trust with stakeholders to ensure on-going commitment
Foster a team environment, open to communication and collaboration
Qualifications, Skills and experience:
A combination of several of the below should be covered:
IT-security professional with solid experience in the infrastructure security domain or in the IT application security domain.
Knowledge of market standard control frameworks such as CIS TOP20, NIST 800-53 Rev.5, etc.
Familiarity with data protection controls such as encryption, hashing, data signing, data anonymisation, DLP, etc.
Experience in IT Risk Assessment and understanding the difference between Inherent Risk, Residual Risk, Control effectiveness, etc.
Knowledge and understanding of different encryption solutions, key management, etc.
Experience in implementing data protection policies, data classification and encryption of data
Experience with automation using Scripting/programmable knowledge and working knowledge (Shell, PowerShell, Python, SQL, etc.)
Experience with SQL, Datamodelling and technical documentation
Cybersecurity training and certification such as CISSP, CISA, CISM or equivalent is a plus
Interpersonal Skills:
Able to solve complex problems
Creative and sees the bigger picture when addressing issues
Works proactively, thereby keeping possible problems from affecting the overall functioning of the team and make sure the team is successful to deliver the solution
Proficient oral and written communications skills in English, sharing strategy and vision with both peers and management
Driven and energetic, entrepreneurial attitude, hands-on mentality
Take ownership and ensure organizational quality standards are met
Please send CV for full details and immediate interviews. We are a preferred supplier to the client.