Description
Context
The Information security & Risk Management department supports IT and the businesses to help them develop adequate information security solutions.
ISRM missions are to
Build up and support the implementation of a flexible information risk mitigation strategy for the businesses in the scope of the company, in line with the Group Information Security Policy
Deliver best fit security services and solutions to protect business operations and assets
Lead the information security maturity improvement programs
Manage the Company's information security community to ensure coherence & synergy
Consequently, the mission of the ISRM architecture team consists in supporting the Business and IT projects in the domain of Information Security. We advise them on security issues and help them (in collaboration with IT architects) to define the appropriate security architecture for their applications/projects. These tasks are performed under the umbrella of a Risk Assessment Process, and supported by a Risk Assessment methodology and a set of available supporting tools. We play also the role of Single point of contact for the security community; while doing our best to facilitate the contacts between ISRM (Information Security & Risks Management) and the Business /IT.
Language requirement
French or Dutch as fluent language + English (spoken and written)
The work language will be English and French, the candidate should be able to write mail and have interactive meeting in English and French.
Required knowledge and experience
Required level and content of education
University graduate in IT or equivalent.
- Personal skills
- Mandatory:
- Strong and proven Communication and Influencing skills;
- Ability to work in a dynamic and multicultural environment with a strong team spirit;
- Ability to manage time and priorities efficiently and to work under stress.
- Good analytical and problem solving skills;
Preferable:
Business experience required
Mandatory: 5 years of professional experience in IST
Technical experience required
Mandatory: Information security in general (awareness of the best/common security practices in the field of application development/IT projects).
Good understanding of IT security technology and processes (PKI, Secure datacenter, secure networking, web infrastructure, etc.);
Good conceptual knowledge of the Information Security Standards Frameworks (ISO17799, ISO 2700);
Preferable: Past experience in the field of ISO 2700x based Technical Risk Assessments or Audits (assessment, mitigation plan development etc.)
Certified Information Systems Security Professional CISSP; IT architecture
Objective of the job
- Support IT projects and main IT changes based on our security expertise and with an adequate risk analysis.
- Advice and contribute to security architecture projects
- Write risk analysis, security position papers and architecture references.
- Guarantee usage and conformity of project according to security architecture rules and methodology.
- Participation to external workgroups and regular contact with security providers
- Single point of contact for business on IT Security related topics