Description
Cyber Security Expert/Application & Data Layer/Network Zoning/Authentication/WAF/IBM Mainframe/HP Tandem
Key Skills and experience required:
You have a proven experience in large-size application development of highly resilient systems, and more specifically in dealing with cyber security impacts on large IT driven organization. You also have a clear understanding of an heterogeneous application landscape, design, development and operations.
Experience in
[Must] Multi-Factor Authentication concepts, solutions, application impacts, roll-out strategies
[Must] Network Zoning concepts, solutions, application impacts, roll-out strategies
[Must] Internet Access Segregation concepts, solutions, application impacts
[Must] Access Management (role-based, privileged) concepts, solutions, application impacts, roll-out strategies
[Must] Application Protection (through WAF) concepts, solutions, application impacts
[Must] Secure Development Lifecycle concept & processes (incl. in an outsourcing context)
[Desired] Cloud Security Strategy concepts, solutions, application impacts
[Desired] IT asset management & inventory in support of the cyber-resilience processes
Technology skills
Knowledge in key technology stacks: IBM Mainframe (DB2, Cobol, PLI, CICS), HP Tandem and distributed (Linux, Windows)
Soft skills
You are able to steer design & development teams
You have good analytical skills
You can abstract generic/transversal solutions for individual problems
You can address problems globally but are also able to go into details when required
You demonstrate good communication and negotiation skills
You speak/write English fluently (French or Dutch is an asset)
You have the ability to drive and work with a virtual team
You are meticulous in your work
About the role:
You will be part of the Information System Architecture team and as security subject matter expert in the team, you will play a key role in assessing the impacts of the cyber security requirements on the application & data landscape and application development processes, defining fit-for-purpose responses, and transitioning these solutions to the project delivery departments.
The role focuses on the security impacts on the application & data layer, not on the infrastructure aspects.
During the initiation phase of each project of the cyber resilience programme, you will:
Review and challenge when necessary the identified requirements, drive the impact analysis at the level of applications & data, and define optimal solutions within the heterogeneous landscape. This will require interactions with the IT Security Architects, the Corporate Technology Solution Architects and the Application Owners to articulate the impacts, identify integration solution alternatives, etc, Define an optimal roll-out plan to cover all the impacted applications assets, Develop guidelines, standards and integration patterns (with the security components) to ease the adoption of the cyber-related solutions.