Joelle Nguyen Duy
about 1 year ago
The IT Security Engineer will be located in Headquarters Brussels and will report to Corporate Security.
As security SPOC inside key business projects you will be consulting and advice on practical implementations and security measures taking into account both the established Security Policies and guidelines and the business requirement.
You will interact with IT and Network engineering departments in order to identify the most optimal and balanced solution which consolidates both security and project requirements. You seek consensus and are able to find alternative solutions, mitigations if needed.
You will verify, validate and approve the firewall change request are in line with the agreed design.
You perform the necessary validation of the deliverables yourself, alternatively if needed, you will setup and coordinate the execution of External PenTests in order to validate the Security of the project deliverables prior to going into production. Pentest results will be analysed and translated by you into recommendations. You have ability and skills to articulate and present your observations and recommendations to Project Stakeholders as well as Senior Management. You will also identify and quantify remaining residual risks.
You will be governing both exceptions & exemptions, and you will act as a contact for any ad-hoc security consultations. As a member of Corporate Security Department you will also assist in the continuous enhancement of the Security Operations Center and the processes thereof.
Your most important challenges will be:
·The analysis of security aspects of business projects. Ensure the projects are provided with the appropriate level of technical guidance to guarantee sufficient Security controls are implemented in the different projects.
·Works with all units of the company to identify security requirements, using methods that include risk and business impact assessments. Components of this activity include but are not limited to communication, facilitation and consensus building.
·Ensure up-to-date security documentation is available.
In this role you will also be responsible for :
·Design and consult on solutions which achieve an optimal balance between Security and project requirements
·Collaborate to security incident management response activities as well as the investigation of security breaches.
·Undertake the development and maintenance Standard Security Requirements standard and checklist.
·Ensuring up-to-date security and project related documentation is available at all times.
·You have a University Degree in Information Technology or equivalent experience.( or an equivalent experience can be demonstrated (eg. Civil/Industrial Engineer, Licence in IT);
·Basic knowledge of the telecom sector and the applicable technologies;
·Practical knowledge of security systems en good knowledge of security solutions on the market
(eg. Firewall, DMZ, SSL/IPSec VPN, Proxy, Remote Access, PKI ...);
·Basic knowledge of general network environment (LAN, WAN, WiFi, routers, switches);
·Basic knowledge of network communication protocols (Ethernet, TCP/IP, MPLS);
·Good Application Penetration knowledge
(eg. XSS, buffer overflow, URL tampering, SQL Injection, dDoS, Botnet, ...);
·Preferably a University degree, 3 to 5 years' experience in the Security domain (IT or Network domains are also valuable);
·Technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, anti-malware solutions and desktop security tools;
·Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts;
·Knowledge of and experience with identity and access management (IAM) principles, processes and tools;
·Flexible and open for fast changes;
·Good presentation and communication skills;
·Understanding of operational methods and procedures;
·Flexible and open for fast changes.
·You are fluent in English.
·Knowledge of Dutch and/or French is a plus.