Description
We are looking for several Security Engineers to work at our multinational client in The Hague/Netherlands.
Deliveries
- Assisting with the information security review of automation projects:
- Providing information security related advice to the staff managing and working on those projects:
- Understand the challenges and threats facing the business;
- Translate this understanding into security requirements for new and existing IT Infrastructure;
- Complete technical risk assessments as necessary.
- Identify system vulnerabilities and complete work to test the security of a system;
- Assisting with responses to information security incidents and vulnerabilities;
- Collaborate with the architecture team with translating the security requirements into a architecture:
- Monitoring and advising on information security issues related to the systems and processes;
- Ensure that the security controls effectively mitigate risk and operating as intended;
- Assisting with the establishment of all elements including continuing development;
- Documentation of information security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
- Collaboration with IT management, the legal department and the operational IT and physical security groups to support security management implementation;
Requirements
- 7 years+ of progressive experience in IT Infrastructure and information security.
- Broad experience in securing Internet technologies.
- Demonstrable broad knowledge and hands-on experience of infrastructure technologies through the entire infrastructure stack, including: network, virtualisation, SAN, server OS (Windows and UNIX) and common business technologies (for example, SQL Server, SharePoint).
- Knowledge and practical experience of security risk assessment (ISO 27005 or eSABSA).
- Knowledge of ISO 27001 & 2, rules and regulations related to information security and data confidentiality and desktop, server, application, database, network security principles for risk identification and analysis.
- Strong analytical and problem solving skills.
- Ability to communicate (oral, written, presentation) in English, interpersonal and consultative skills.
Advantage:
- Experience in security policy development, security education, risk analysis and compliance testing.
- Experience in large, international organizations.
- Experience with application security.
- CISSP, GIAC, or other security certifications.
- System penetration testing, application vulnerability assessments.
- Security Incident Management, including incident analysis.
- SABSA, TOGAF, experience and/or certification.
Very good knowledge and experience of many of the following technologies is desirable.
- Firewalls
- IDPS
- VPN technologies, including SSL.
- Web Access Management
- Malware protection
- Authentication technologies such as Radius, Kerberos, Single-Sign On, Vasco tokens, Federation (SAML, WS-Fed), WebSSO, two factor authentication
- Authorization including RBAC, Rules based authorization
- LAN, WAN and SAN concepts and technical implementations
- Mainframe, Windows, Unix, Linux Operating Systems
- Identity Repositories including LDAP, Active Directory, RACF
- IAM suites including Microsoft FIM 2010, Microsoft ADFS
infeurope is a Luxembourg-based IT service provider, designing, developing and managing multilingual information and documentary systems in many application areas and business sectors. For more than 25 years we have delivered IT systems and solutions, and IT consultancy and staffing services, to our clients in Luxembourg and across Europe.