Description
Background:
My client is a Brussels based international bank looking for a Technical/Project Support person for the IT Security Management (ITSM) team. ITSM ensures that the technology infrastructure at the bank protects corporate assets from unauthorised access, modification, disclosure and destruction. ITSM is the service owner of the logical security domain and infrastructure through the implementation of security services and infrastructure, risk assessments, requirements setting, and active participation in the project delivery life cycle, as well as ensuring adequate processes and procedures for the security administration teams.
Tasks:
- Designs and implements controls and processes necessary to ensure and protect information systems assets. Perform risk assessments and define application and infrastructure-related security requirements for business and IT projects. Advises on high level security design of new infrastructures, systems and/or applications to ensure secure operation within the environment;
- Perform security validation to ensure effective implementation of security controls;
- Defines, implement and ensures the proper functioning of security trust services within his security domain in line with IT security policies. Recommends and advises on new or improved security services to IT security Management;
- Ensure the adequate functioning of security services in the Identity and access management and data protection domain;
- Defines the security tests to ensure compliance with the requirements and supervises test execution. You will report back to the projects and management on the results;
- Produces documented security services, technical standards or principles;
- Act as security subject matter expert in a security domain and be the security point of contact for the business and project teams.
Skills: Minimum 5 years experience in the IT security domain.
You must have proven experience in security risk assessments, development of functional security requirements, process design and management reporting. Experience in security design, architecture and project management is a strong advantage.
You will have any combination of the following technical skills:
1) Sound security design principles, based on confidentiality, integrity and availability requirements and other NIST or ISO27001 security controls;
2) Authentication and access controls Security services (IAG, IAM, Authentication and authorisation schemes, access controls, Single sign-on, etc);
3) Application security knowledge;
4) Design Middleware and application level security processes and controls;
5) Networking & Firewalls: sound knowledge of network principles and protocols.
Ideally you should be MSc, CISSP, CISM or CISA certified.
Language: English