Joelle Nguyen Duy
7 months ago
Different tasks that the candidate will work on it:
1.To perform a general security risk assessment for new projects or for changes to existing applications, infrastructure components or services.
2.To ensure that the new projects (or changes to existing systems and platforms) are compliant with security policies and any security standards that the company has to comply with.
3.Responsible for maintaining control documentation for ISO 27001 certification.
4.To research and document the security risks raised by the new technologies introduced into the company in the IT, Telecommunications and Internet landscapes.
5.To provide security requirements to be included in RFQ and RFP's based on the company Security NFR's and to evaluate vendor responses.
6.To provide support to the end users, upon request, during the implementation of security requirements.
1.University degree in computer science or equivalent combination of education and experience
2.ISO 27001 Lead Auditor or Lead Implementer
3.3 to 5 years of hands-on experience as a security architect, a security analyst, or a similar role, dealing with multiple security domains (technologies, applications, services) and activities (concepts, policies, practices, procedures) preferably in a large organization
4.Familiar with large and complex IT environments and data communications networks
5.Good understanding of various security domains such as: IP network protocols and services, user authentication methods, encryption, voice technologies, wireless technologies, web applications.
6.Very good knowledge of the security features offered by, and the security risks encountered in complex ICT environments
7.Experience with security risk assessment methodologies is much appreciated
8.Ability to understand business products and processes in order to perform related security risk assessment.
9.Familiar with relational databases concepts and usage.
10.Good understanding of the main security products and tools such as: firewalls, intrusion detection and prevention, log file aggregators/analyzers, vulnerability assessment.
Security-minded, learning agility, good negotiation and communication skills, autonomy, assertiveness.
Fluent in French and English with good knowledge of Dutch.