Description
Description of the mission:
You will manage cybersecurity operations, together with the current SOC, main IT services suppliers and internal IT operational teams.
You will be responsible for the incident, change, problem management on security matters such as:
- Analysis of security events as they occur in managed environment (FMO) and unmanaged environment (CMO)
- Assess security impact during change management
- Ensure follow-up and full resolution of security incident and proper communication during incident
- Coordinate external and internal teams in case of cybersecurity incidents
- Provide technical operational support on Zscaler platform and ensure migration of support to new signed BT contract
- Evaluate and approve security change request (like Firewall rules, 3rd party management, generic user creation)
Assist the SOC in identifying, developing, implementing and maintaining vulnerability management and penetration testing processes across the organization to reduce risks, and limit exposure to vulnerabilities:
- Implementing vulnerability management process and network vulnerability scanning
- Configure ad-hoc vulnerability scans for the organization
- Assist remediation efforts, providing detailed explanations for vulnerabilities that were discovered along with steps required to remediate the vulnerability
- Collaborate with other departments outside security to provide actions and follow-up remediation plan
- Analyze outcome of penetration testing and make remediation plan
- Assist the solution design and architecture team in high level security architecture, system security designs, implementation and management of information security systems and/or programs for the protection of the environment.
- Participate and advise in creation and review of security policies & standards.
- Provides and verify security KPI's and status reports on security matters
Create user awareness around information security and cyber security:
- Educate teammates across the organization on best practices and the impact Information Security
- Publish regular newsletter on security blog about security (company) news
Requirements:
- Knowledge of security technologies (encryption, Firewalls, data protection, design, privilege access, etc.), ideally on BS products and services like Microsoft, Symantec, Zscaler, Nessus, Cisco, )
- Knowledge of security design and engineering, specific on Windows environment
- Knowledge of networks technologies (protocols, design concepts, access control)
- Experience with vulnerability scanning based on Nessus Tenable
- Experience in Zscaler operations and platform is an asset
- Security certifications are an asset
- Teamworker
- Needs to have a deep knowledge in English with a good knowledge of French or Dutch