Description
Background:
My client is a Brussels based international bank looking for a Technical/Project Support person for the IT Security Management (ITSM) team. ITSM ensures that the technology infrastructure at the bank protects corporate assets from unauthorised access, modification, disclosure and destruction. ITSM is the service owner of the logical security domain and infrastructure through the implementation of security services and infrastructure, risk assessments, requirements setting, and active participation in the project delivery life cycle, as well as ensuring adequate processes and procedures for the security administration teams.
Tasks:
- Design and implement procedures and controls necessary to ensure and protect information systems assets. Advise and assist on high level security design of new applications or implementation of packages, to ensure secure operation within the environment.
- Perform risk assessments and define application and infrastructure-related security requirements for business and IT projects mitigating the identified risks. This includes detailed reviews of business initiatives, project proposals, technical designs and project life cycle documentation;
- Follow different projects and initiatives to ensure consistent and adequate implementation and testing of the security requirements;
- Act as security architect or subject matter expert in one major area of security. Produce documented security processes or architectures. Ensure prevention of intentional or inadvertent access, modification, disclosure or destruction;
- You would be the security point of contact for the business, technical and project teams.
Skills: At least 5 years experience in IT Security with a good technical background to design and maintain operable security services and exposure to implementing security services like authentication, access control and governance, IAM, PKI, network security, application security etc.
You should also have good knowledge of regulations and risk management as the bank operates in a highly regulated business environment. The candidate must have a broad security background and a good technical background in the distributed system area eg. Unix, Windows as well as network and application security.
Your technical skills must include any combination of:
1) Sound security design principles, based on confidentiality, integrity and availability requirements and other ISO27001 security controls;
2) Application security knowledge besides Unix and Windows System security;
3) Authentication and access controls Security services (Authentication and authorisation schemes, access controls, Single sign-on etc.);
4) Design Middleware and application level security processes and controls;
5) Networking & Firewalls: sound knowledge of network principles and protocols.
Preferred professional certifications are CISSP, CSSLP, GIAC, GWEB, Windows or Unix security certification eg GIAC, Critical controls certifications, Certified systems and network auditor.
Language: English