Description
Security Consultant - Brussels, Belgium - English speaking
(Security, PKI, Ethical Hacking, Test, Testing, Penetration Testing)
One of our Blue Chip Clients is urgently looking for a Security Consultant.
Please find some details below:
Endpoint security
- OS Hardening (GPO's)
- HIDS/HIPS
- Antimalware protection
- Define Security baselines and check compliance Ethical Hacking
- Footprinting and Reconnaissance
- Scanning Networks
- Enumeration
- System Hacking with Kali Linux
- Sniffing
- Social Engineering
- Denial of Service attacks
- Session Hijacking
- Hacking Web Servers
- Hacking Web Applications
- SQL Injection
- Hacking Wireless Networks
- Hacking Mobile Platforms
- Evading IDS, Firewalls and Honeypots
- Cryptography
Penetration Testing
- Security Analysis and Penetration Testing
- TCP IP Packet Analysis
- Information Gathering
- Vulnerability Analysis
- External Network Penetration Testing
- Internal Network Penetration Testing
- Firewall Penetration Testing
- IDS Penetration Testing
- Web Application Penetration Testing
- SQL Penetration Testing
- Database Penetration Testing
- Wireless Network Penetration Testing
- Denial-of-Service Penetration Testing
- Password Cracking Penetration Testing
- Virus and Trojan Detection
- File Integrity Checking
- Information System Incident Handling and Response Threat Management
- apply environmental reconnaissance techniques using appropriate tools and processes.
- analyse the results of a network reconnaissance.
- implement or recommend the appropriate response and countermeasure on a network-based threat
- secure a corporate environment.
Vulnerability Management
- implement an information security vulnerability management process.
- analyse the output resulting from a vulnerability scan.
- Compare and contrast common vulnerabilities found in the targets Cyber Incident Response
- distinguish threat data or behaviour to determine the impact of an incident
- prepare a toolkit and use appropriate forensics tools during an investigation.
- organize communication during the incident response process.
- analyse common symptoms to select the best course of action to support incident response.
- Summarise the incident recovery and post-incident response process.
Security Operations
- Investigative techniques (eg, root-cause analysis, incident handling)
- Digital forensics (eg, media, network, software, and Embedded devices)
- Intrusion detection and prevention
- Incident Management
o Detection/Recovery/Response/Remediation/Mitigation/Lessons learned/Reporting
- Operate and maintain preventative measures o Firewalls o Intrusion detection and prevention systems o Whitelisting/Blacklisting o Anti-malware
- Implement and support patch and vulnerability management
- Participate in and understand change management processes (eg, versioning, baselining, security impact analysis) Security Assessment and Testing
- Disaster recovery and business continuity
- Implement recovery strategies
o Backup storage strategies (eg, offsite storage, electronic vaulting, tape rotation) o Recovery site strategies o Multiple processing sites (eg, operationally redundant systems o System resilience, high availability, quality of service, and fault tolerance
- Implement disaster recovery processes Privileged Access Management (PAM)
- Grant privileges to users only for systems on which they are authorized.
- Grant access only when it's needed and revoke access when the need expires.
- Avoid the need for privileged users to have or need local/direct system passwords.
- Centrally and quickly manage access over a disparate set of heterogeneous systems.
- Create an unalterable audit trail for any privileged operation.
Public Key Infrastructure Management (PKI)
- Securely store CA's private key
- Issue digital certificates for users, applications and devices
- Leverage certificate authentication to verify the identity of a device or user
- Publish certificate revocation lists (CRLs) to verify a user or application's certificate is still trusted by the issuing CA
- Maintain an auditable database of users' private key histories for recovery purposes
Please send CV for full details and immediate interviews. We are a preferred supplier to the client.