As Cyber Security Analyst you are responsible for assessing existing or new IT services on technical vulnerabilities and weaknesses supported by the client process and tooling. You will also assess IT related project deliverables that needs to be implemented or legacy infrastructure based on assessments of architectural and detailed designs, workshops, interview.. After assessing the IT projects you will advise your colleagues on security improvements, additional controls and requirements (technical, procedural, organizational).
Translating assessment results into an Information Security Specification (Security plan for service);
Inform project leaders and project managers upon progress of TVA’s and hours spend upon project;
Reporting upon KPI’s relevant for the TVA process;
Help develop and manage the IT Security policies, standards and baselines conform the IT Security Policy Framework
You will have close contact with security vendors, industry peers and also with internal IT colleagues like Project Managers.
Bachelor or Master degree in an IT technical field or equivalent professional experience;
Valid industry certifications such as the Certified Information Systems Security Professional (CISSP) or CISM are a plus;
Experience in ISO 27001 or equivalent are a plus.
3-5 years of experience in Executing Threat and Vulnerability analysis (TVA) or IT Security risk assessments on complex IT services and applications;
Virtualization technology e.g. Flexpod, ESX, Citrix
Network topology, network protocols and network systems
Knowledge of prevalent risk assessment frameworks and methodologies e.g.
IT Risk assessment frameworks like ISO31000, Standard of Good Practice developed by Information Security Forum (ISF) or NIST SP 800 30 framework and/or ISO 27005 framework.
IT Risk assessment methodologies and approaches e.g. Sprint, Logical, access path analysis, Octave, FAIR or Risk IT
Knowledge of prevalent audit standards and techniques
Sound understanding of security technologies, best practices, and security policy frameworks;
You are in possession of a valid work permit for The Netherlands.
Strong analytical and conceptual thinking skills;
Excellent English communication skills and dealing with resistance. Command of the Dutch language is a plus;
Able to summarize and communicate technical data to a non-technical audience;
Able to present, advice and convince stakeholders upon the implementation of security requirements;
Highly-motivated, with a strong work ethic and able to work effectively under minimal supervision
Er zijn nog geen reacties op deze opdracht.
Je moet inloggen voordat je een reactie kunt plaatsen.