Upgrade Post project

Penetration Tester (IT Security Analyst)

Brussels  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Network Tester Writing Reporting Security WAN Application IT Security Test Design

Description

Penetration Tester (IT Security Analyst)

You will join Security Assurance & Testing team who manage and coordinate:

  • Testing of critical security controls
  • Relationship with regulators,
  • Cyber dashboard & Reporting
  • Security governance structures (Group Security Committee, Service Dialogues...)
  • Penetration testing
  • Red team Exercises

Role:

  • Plan & coordinate penetration tests with external provider
  • Analyze penetration test reports and produce digests/synopsis
  • Present & discuss the outcome of the Pen Test results to all relevant stakeholders
  • Ensure the timely and effective remediation of security weaknesses and defects revealed in penetration testing activities
  • Maintain an operational dashboard of applications/infrastructure/other assets requiring the testing, based upon schedules/frequencies
  • Define, produce and publish compliance reporting

Skills and experience required:

  • be a team player who communicates in an open, respectful and constructive way with her/his customers and peers, both verbally and in writing. The candidate will take ownership and ensure that organizational quality standards are met.
  • be a very good communicator in English, both verbal and written, and able to discuss and defend the security interests with individuals and groups of senior business people as well as deep technical IT experts.
  • proven experience in security risk assessments, development of functional security requirements, process design and management reporting. Experience in security design, architecture and project management is a strong advantage.
  • Familiarity with industry best practices in key domains: penetration testing, application/infra/network security, identity and access management, and secure development on all platforms.
  • Sound security design principles, based on confidentiality, integrity and availability requirements and other ISO27002 security principles are an asset;
  • Application security knowledge with a good understanding of software development and OWASP guidelines
  • Sufficient background knowledge with regard to network principles and protocols used in WAN and LAN's, DMZ, Internet security, network segregation
  • Experience with a subset of Unix, Windows System, Tandem, Mainframe security and assurance

Preferred professional certifications are CISSP, GIAC, CISM, CISA, ISO 27001 LA/LI.

Start date
ASAP
Duration
8 months
From
Base 3
Published at
26.10.2018
Project ID:
1656091
Contract type
Freelance
To apply to this project you must log in.
Register