Information Security Officer
Our Client is looking for an Information Security Officer Medior and Senior who is able to take a proactive role in the management of information security risks. Candidates must have strong knowledge of IT security and compliance methods, industry standards and take initiative in the adaptation and implementation of security practices/processes by the organization. And you are dedicated to keeping up to par with the security trends and developments and spotting the potential for new initiatives realizing further improvement.
You as a Technical Information Security Officer
In the organization all business units are responsible for ensuring the security of the IT-environment. The biggest challenge for the team is reviewing and verifying if technical measures are implemented correctly and supporting the devops teams to that end. They need to balance the (residual) risk with measures required and support the asset owners and their teams in making a conscious decision. Optimizing the IT security procedures and processes, automating as much as possible in order to increase quality and minimize manual procedures is their continuous challenge. Your role as team member of the security assurance team is to define, review and support implementing the standards and guidelines for a structured and well-aligned way of working for IT security and compliance.
- Reviewing technical designs and security measures (e.g., secure protocols, encryption algorithms, IAM, firewalls, according to client security standards) for the designs of the technical environment: network, infrastructure (both cloud and on-premise datacenters), applications, SaaS, external connections, etc.
- Working with the Security team on a wide variety of security and compliance tasks, e.g. periodic control tracking with the Group IT departments, regulatory compliance reporting, deep-dive asset reviews, threat modelling, provide IT security training and coaching, interpret vulnerabilities and security incidents on impact for services, supply chain security, etc.
- Working in close cooperation with the devops infrastructure and application teams, as well as other security disciplines like their own Security Operation Center and Defensive security teams to proactively identify and support teams to implement the appropriate security measures.
Who you are
- You are proactive and result-driven and ensure you meet agreements made.
- Concise and eye for detail while keeping the overall picture and goal in mind.
- Clear communication style and being able to cooperate with people with various backgrounds.
- You are a team player: you are supportive and flexible in picking up tasks when priorities change.
- Skilled and experienced in IT and IT security, preferably educated as Bachelor or master degree in IT (or other technical and/or security oriented study). Preferably certified CISSP and/or SSCP, and/or cloud certification such as AWS or Azure, network or other relevant security and technical certification.