Description
Our client requires a Information Threat Identification Expert-RR
Main Technical Competences:
Minimum bachelor degree in an IT related area
Broad ICT knowledge, including infrastructure and application security
Knowledge of a least one of following products: Network architecture, Application architecture, Unix Wintel platforms
ITIL V3 -Incident and Problem management process knowledge
Knowledge of security tools (is considered as a plus but not required): Nessus, HP Webinspect, IBM Proventia, HP Service Center, HP Webinspect, HP Fortify
Non Technical Competences:
Highly customer oriented and who has an excellent service attitude
Excellent communicator, who can be assertive towards multiple stakeholders
Team worker
Able to work in stressful situations
Organized and who follows a problem-solving and results-oriented approach
You have no fear of paperwork
You have a can-do type of mentality
Excellent written and spoken knowledge of English, knowledge of Dutch and/or French
Flexibility (on-call 24/7 in case of major incidents)
Your role
Coordination of threat identification activities conducted by external suppliers - Penetration testing, Vulnerability Scanning and Static Dynamic Scanning with following responsibilities:
o Define scope and planning of security threat detection
o Select external/internal suppliers
o Follow-up execution of security threats activities done by external suppliers
o Qualify the findings together with IT custodians
o Analyse the security findings and propose a remediation action plan
o Deliver a clearand concise reporting to the management
o Make recommendations to improve infrastructure and data protection
Intrusion Detection Monitoring
o Validate rules provided by IDS tool provider
o Define procedures of prioritization of the findings
o Control quality of work done by external supplier (implement rules in IDS, control running of IDS, control prioritization of findings done by Master Control Room, incident response initiation)
Security Monitoring
o Be accountable for work done by Cyber Crime Detection Expert and external supplier
o Follow-up asset deployment and control quality of security monitoring done by external supplier