Description
The scope of the mission is:FW rules validation
•Privileged access rights validation
•To represent the IT infrastructure security in projects (regional / global) and towards our customers
•To ensure compliancy with the Information Security Policy
•To contribute to projects, security approvals, validation of architecture designs in collaboration with our architects, as well as with the technical and operational departments
•To act as a consultant with the technical Domains like Workplace, Distributed Systems (server, databases) and Network.
•Collaboration with our Customers Security Departments ; Business Security and IT Security
•Contribution to international security standard definition/ topics within Group Security
•Support as representative of GRS in Audit and Penetration Testing
Profile :
•Certification : Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
•ISO 27001, ITIL, COBIT
•IT Security organization and processes : in depth knowledge of vulnerability management, patch management, security event management, privileged user management, fire id management, password management, antivirus management, security policy compliance
•Operating systems : Windows, UNIX, Linux, VMWARE
•DBMS and Operating Systems security settings as well as O.S. hardening
•Skills in network architecture and design :firewall (Checkpoint, Algosec, etc.), IP Sec VPN/SSL-VPN, IDS/IPS, NAC, creation of security concepts, routing/switching & TCP/IP
•Fundamentals of cryptography, encryption technologies and authentication schemes (3DES, AES, hashing, PGP, Win EFS, PKI, smartcard, SSL certificates, LDAP, AD, TACACS…) and the process of key management
•Proxy and content filtering systems, antivirus and antispyware (Bluecoat proxy-cache, SmartFilter, IronPort, Finjan, Sophos, Symantec…)
•Project Management
•Thorough understanding of log analysis, intrusion detection and prevention network traffic tools
•Strong Analytical skills
•Security governance : concepts and guidelines
•Audit / hacking techniques and penetration testing
•Diplomacy and pragmatism: ability to transform governance into technical solutions
•Fluent in English as this is the communication language in the region and Group, active knowledge of French and/or Dutch