Description
Big Data Security SpecialistJob Mission
As a Big Data Security Specialist you are part of the Application Security team.
You will be responsible for conducting detailed and in-depth security assessments both new and existing data-centric applications, assist and advice (big)data-related projects on security related questions and help drive the security improvements. You will be interacting with stakeholders on different levels in IT.
In this role you will also be participating in PI events and as a Subject Matter Expert (SME) involved in the Agile Release Trains (ARTs).
The role is contributing in protection of information, Intellectual Property (IP) and assets, and customers and suppliers for the scope of the projected solution.
- 12 month contract (to extend long term)
- Fully remote in EU
- €70 per hour
- Netherlands, Veldhoven
Job Description
As a Big Data Security Specialist you will be responsible for:
- Performing project intake assessments in cooperation with the Project Security Officer;
- Assessing applications and systems to be implemented or actual implementations based on assessments of high and low level designs, interviews and/or testing;
- Assessing existing or new IT services (on premise or cloud) on technical vulnerabilities and weaknesses based on processing and tooling;
- Translating assessment results into an Information Security Specification (security plan for service);
- Communicating observations to the relevant stakeholders, advice on mitigation and follow up on actions;
- Adding information to the different security registers from Business Impact assessments (BIA's), IT Security Assessments (ITSA's), penetration/security tests, vulnerability scans, exceptions and other sources;
- Adding information to security finding register, which contains all security assessment findings and risks that are reported within the TSCC, and is used to follow up on security assessment findings;
- Assuring and monitoring the effectiveness of our application security controls;
- Representing, on occasion, the TSCC in IT projects and intake boards where required;
- Assessing IT security exception requests on validity and provide advice to the team lead application security and business stakeholder for acceptance or rejection including advice on additional security controls;
- Improving procedures to keep the security registers, application registers and assessment processes up to date;
- Training and coaching DevOps teams on security aspects, standards and security solutions in CI/CD.
Education
- One or more of the following valid certifications is a plus:
CISA
CISSP
CCSP
ISO
CKS
CDP/CDE
Azure or Google Security, Data engineering or Data Science-related certifications
SAFe certifications.
- Security/Technical/IT/informatics/Data Science background: bachelor's or master's degree (or equivalent experience);
Experience
- Min 6+ years professional experience with a focus on IT applications / information security, risk and compliance;
- Experience in executing Threat and Vulnerability Analysis (TVA) or IT Security risk assessments on IT services and data-centric applications;
- Securing data-centric or analytical platforms and applications.
- Securing data ingestion and processing pipelines (on premise, hybrid or cloud);
- Knowledge and/or hands-on experience with common (big) data environments and languages, such as Data Lakes, Big Data Storage and Computing, Hadoop, Spark, Python, Analytics Reporting Tooling;
- Security on a wide range of SAP (HANA) applications is a plus in this role;
- Experience with Scaled Agile Framework (SAFe) is a plus;
- Experience with (Cloud) Security Architecture is a plus;
- DevSecOps: securing Container environments and CI/CD pipelines (preferably through automation)
- Hands-on experience in security assessments and risk assessment of one or more of the following security domains:
Storage
Encryption
Connectivity/Network
Access/IAM
Operations (e.g. hardening, patching)
- In-depth working knowledge of IT Risk / security frameworks and best practices, such as: NIST, ISF, NIST or ISO framework;
- Advising management stakeholders on security maturity and influence decision-making.
Send your CV and number to