Security Analyst - Brussels, België - Vector Synergy

Vector Synergy
Vector Synergy
Geverifieerd bedrijf
Brussels, België

4 weken geleden

Sophie Dubois

Geplaatst door:

Sophie Dubois

beBee Recruiter
Beschrijving

Location:

Brussels, Belgium


Introduction:

One of our clients is currently looking for a Security Analyst in information system security. The client's infrastructure is supported by Corporate ITIC services. However, some local specific needs requires to design, setup, and administer an ad-hoc solution at client level.


The main focus of the Security Analyst will be to advise the System Owners, System Managers, and Project Managers on the information systems security approach and to take an active role as IT Security Expert to define IT security requirements and assist in the architecture, design, implementation, and verification activities of information systems security, as well as implementing risk management methodology ITSRM2.


Skills, knowledge, experience required:


  • Minimum 2 years' experience in:
  • Drafting security policies;
  • Drafting and reviewing security plans and security operating procedures (SecOps);
  • Implementing ISO 27001/27002 for a specific architecture/infrastructure;
  • At least 1 certification among the following:
  • GCED (GIAC Certified Enterprise Defender);
  • GPPA (GIAC Certified Perimeter Protection Analyst);
  • GCWN (GIAC Certified Windows Security Administrator);
  • GCUX (GIAC Certified UNIX Security Administrator);
  • GCCC (GIAC Certified Critical Controls);
  • SSCP ((ISC)2 Certified Systems Security Practitioner);
  • CAP ((ISC)2 Certified Authorization Professional);
  • CISSP (Certified Information Systems Security Professional);
  • CISA (Certified Information Systems Auditor);
  • CISM (Certified Information Security Manager);
  • GSEC (GIAC Certified Security Essentials);
  • ECSA (EC-Council Certified Security Analyst);
  • SCPO (SABSA Certified Security Operations and Service Management Practitioner);
  • ISO 27001 Lead implementer;
  • ISO 27001 Lead Auditor;
  • ISO 27005 Risk Manager;
  • Minimum 2 years' experience with any of the following risk management/assessment methodologies:
  • EBIOS;
  • CRAMM;
  • PILAR;
  • Minimum 3 years' experience with:
  • ISO 27000 series standards;
  • Networking (TCP/IP, SNMP, DNS, Syslogng, etc.);
  • Minimum 2 years' experience with:
  • MS Windows operating systems;
  • Linux (Red Hat, Debian);
  • Experience with project management methodologies: PM2, RUP Agile, PRINCE2 Agile or similar;
  • Ability to:
  • Work in a team;
  • Analyse complex documents;
  • Follow and interpret internal procedures and standards;
  • Work with imposed deadlines;
  • Work independently on specific tasks while at the same time functioning as a member of a project team.

Desirable:


  • At least 1 certification in the field of incident handling:
  • GCIH (GIAC Certified Incident Handler);
  • GCIA (GIAC Certified Intrusion Analyst);
  • ECIH (EC-Council Certified Incident Handler);
  • CSIH (SEI Certified Computer Security Incident Handler);
  • SCMO (SABSA Certified Security Operations and Service Management Specialist);
  • Minimum 1 year of experience with STIX (Structured Threat Information Expression) with a particular focus on the following related standards:
  • CybOX (cyber observables);
  • CAPEC (attack patterns);
  • MAEC (malware);
  • TAXII (threat information exchange);
  • Minimum 2 years' experience with:
  • ISO 27001 implementation;
  • Storage (NetApp);
  • Cisco Internetwork Operating System (IOS);
  • VMware vSphere and ESXi.

Duties/role:


  • Performing risk assessments (evaluating risks, threats, and consequences) based on some known methodology;
  • Identifying threats and assessing the effectiveness of existing controls to face them;
  • Drafting Security Plans for information systems based on risks assessments;
  • Analysing the compliancy of information systems with existing IT security policies and registering it in ITSM tools such as ServiceNow;
  • Implementing (security policy) technical or operational controls at operational level included in products and systems;
  • Providing security studies, security assessments, and other specific security matters related to ICT infrastructures;
  • Managing IT security vulnerabilities;
  • Designing or reviewing information systems architectures;
  • Providing technical evaluations and audit reports in relation with information systems infrastructure;
  • Contributing to the preparation of the Organization's business plan;
  • Identifying areas for improvement in business processes providing possible cyber security solutions compliant with the ICT strategy;
  • Building requirements, specifications, business processes, and business case related to the proposed solutions;
  • Analysing required information and documents;
  • Making recommendations to Senior Management;
  • Ensuring that change management processes are implemented;
  • Ensuring the reliability, confidentiality, security, and integrity of information systems;
  • Elaborating and translating the security monitoring policy into monitoring rules;
  • Providing advice on how to optimize the use of existing tools and systems;
  • Raising awareness of information technology innovations and potential
Meer banen van Vector Synergy
Bekijk alle vacatures van Vector Synergy