Description
Voor een klant van Brainbridge in Brussel ben ik op zoek naar eenICT SECURITY Consultant (8-10 years of experience)
Start :
End date :
Location : Brussel
Description:
ICT Security Consultant Level 3.
In first instance it will be for 6 month on an operational function.
Whether the candidate has good design experience, it is possible he'll switch after 6 month on another function on Project mode : following of Security Projects from A to Z
Team :
The Information Security & Risk team is responsible for defining security targets, policies, standards, processes and metrics.
The team defines the information risk management methodology, executes risk assessments, and reports information risk to management and business units.
The team is also responsible for reporting IT risks.
The team delivers expertise in the domain of security controls and vulnerability management.
The team evaluates different types of requests (e.g. firewall changes, local admin…).
Responsibilities:
* Define / update (tactical and operational) security targets and corresponding metrics
* Evaluate different type of requests, challenge the requester in order to understand the request needs, and decide whether to approve or deny the request
* For new projects: perform the C, I, A classification, perform Business Impact Assessments, define the high-level and more technical security requirements to address identified risks. Challenge solution architects and designers in the compliancy of the pre-defined requirements.
* For project security requirements that are not implemented: document the residual risks, and define new security projects.
* assess threats and vulnerabilities
* define / update security policies and standards
* report on tactical metrics
* assess compliance of security implementation
* define / update risk management processes
* report information risks to management and business units
* define and implement IT risk management processes in line with corporate risk management
* report IT departmental risks to management
Technical skills:
* You have 8-10 years of experience in a similar function
* Experience in security design (network and infrastructure)
* Experience in integrating security in projects
* Broad knowledge of security tools and processes: Firewalls (eg. Palo Alto, Juniper), proxy, load-balancing, switching/routing, zoning, IAM, system security, security solutions for middleware, …
NICE TO HAVE'S :
- Knowledge of ITIL, CobIT and ISO standards;
- CISSP, CISA, CISM
- IAM expertise desirable, including public key infrastructure, Identity & Web access management and Federation standards;
-Cloud based technologies knowledge and experience a plus;
- Large environment and/or datacenter migration experience.
- Prince2 or PMI;
- Possesses a strong command of architecture and troubleshooting methodologies in conjunction with a security-minded approach;
Risk management and Security Management :
* You are familiar with enterprise and information risk management frameworks like ISO31000, RiskIT, …
* You have experience in implementing a risk management methodology
* You have executed risk assessments
* You have experience with defining KRI (Key Risk Indicator)
* You have experience in implementing an ISMS like ISO27000 series, ISM3 or other
* You have experience with defining security metrics and scorecards
* You have experience in writing policies and standards
* You have experience in setting up a vulnerability management process
* PCI DSS knowledge is an advantage
Architecture :
* You are up-to-date with security trends, technologies and products
* You are able to define cross technology holistic security solutions
* You have a profound knowledge of technology, operations and business processes
* You have a broad security controls knowledge in the following domains:
o Networks
o Systems
o Middleware
o Applications
o Users
Personal skills:
- You are analytical and conceptual minded
- You are a team player that can also work independently
- Service and result oriented individual that demonstrates high quality standards
- Pragmatic, efficient and fast learning individual
- Diplomatic and a good team player
- Empathetic
- Excellent communication skills able to address various types of communities
- Consensus maker, uses all skills to resolve deadlock situations
- Problem solver, takes ownership of issues and makes sure results are reached according to suited measures and adapted requirements
- Very strong requirements engineering skills
- Understand client requirements and design
- Solution oriented
LANGUAGES :
- Fluent in Dutch and/or French with at least excellent understanding of the other language.
- Fluent spoken & written English is mandatory.