4 months ago
As a member of the Security Governance department, the Cyber Security Consultant assists the team on
making sure the policy framework is aligned with threat landscape, business transformation, technology capabilities and
- Identify and prepare amendments to the policy framework by
- writing functional security requirements in collaboration with our CSIRT team which provide a sufficient
protection of resources based on Attack Vector.
- making sure those function security requirements can be met using available technology.
- Assist the Enterprise Security Architecture team in mapping security requirements to IT Architecture Building
Block used by IT to create High-Level Design
- Assisting the Enterprise Security Architecture team in defining Security Requirements for the Security Solution
- Assisting IT in identifying and providing remediation to possible compliance issues.
- Developing High Level Security Requirements to translate to leadership team (Director-level) detailing security
requirements for them to understand the security impact on their business.
- Working with both our CSIRT & Enterprise Security Architecture teams to maintain Attack Vector on Architecture
Building Block updated.
Degree & Experience:
- University degree in computer science or equivalent combination of education and experience.
- 3 to 5 years of hands-on experience as a security architect, a security analyst, or a similar role, dealing with
multiple security domains (technologies, applications, services) and activities (concepts, policies, practices,
procedures), preferably in a large organization.
- Knowledge of ISO 27001 implementation
- Familiar with large and complex IT environments and data communications networks.
- Good understanding of various security domains such as: IP network protocols and services, user authentication
methods, encryption, voice technologies, wireless technologies, web applications.
- Knowledge in Cloud Azure is for sure a plus.
- Very good knowledge of the security features offered by, and the security risks encountered in
complex ICT environments.
- Experience with security risk assessment methodologies is much appreciated.
- Ability to understand business products and processes in order to perform related security risk assessment.
- Familiar with relational databases concepts and usage.
- Good understanding of the main security products and tools such as: firewalls, intrusion detection
and prevention, log file aggregators/analyzers, vulnerability assessment.
- Learning agility
- Good negotiation and communication skills
Fluent in French and English with good knowledge of Dutch.