Description
The Information Security team of our client provides support and advice on a wide range of technical and non-technical topics related to information security. Their mission is to ensure a protective security framework so that our client's automated systems and information are available and reliable, and so that access is authorised, controlled and registered. In addition, the team is also providing additional security advice and opinion to the business and information management teamsServices to be delivered
Assisting with the information security review of automation projects and providing information security related advice to the staff managing and working on those projects.
Understand the challenges and threats facing the business and translate this understanding into
sound security requirements for new and existing IT Infrastructure that effectively mitigate identified risks whilst allowing the business to continue to operate effectively.
Complete technical risk assessments as necessary.
Identify system vulnerabilities as necessary and complete or propose work to test the security of a system using specialists in penetration testing.
Collaborate with the architecture team with translating the security requirements into a security architecture.
Qualifications, skills and experience
7 years+ of progressive experience in IT Infrastructure and information security, including experience broad experience in securing Internet technologies.
Required: Ability to communicate (oral, written, presentation) in English,
interpersonal and consultative skills
Highly Desirable
Demonstrable broad knowledge and hands-on experience of infrastructure technologies through the entire infrastructure stack, including: network, virtualisation, SAN, server OS (Windows and UNIX) and common business technologies (for example, SQL Server, SharePoint). Technical knowledge of and experience working with computer systems and the application of security to those systems.
Knowledge and practical experience of security risk assessment following ISO 27005 and/or eSABSA standards and methods.
nowledge of information security standards, in particular ISO 27001 & 2, rules and regulations related to information security and data confidentiality and desktop, server, application, database, network
security principles for risk identification and analysis.
Experience should include security policy development, security education, risk analysis and compliance testing.
Experience in large, international organizations and with application security. CISSP, GIAC, or other security certifications and/or membership of a professional institution representing security professionals.
Time scale of work: to
Location of work: The Hague, Netherlands