About the client
Our client s mission is to empower people, build community and bring the world closer together. Through apps and services, they re building a company that connects people worldwide, gives them ways to share what matters most to them, and brings people closer together.
Basic requirement
Assists and supports multiple Projects with security expertise as required. 7+ years of proven experience with information and IT security is required. Proven experience with business projects for IT Security consultancy, support, review and assessments. Strong communication skills are necessary for the management of the stakeholders within the projects involved. Advanced level of spoken and written English is a must.
Requirements
Technical Skills
- Proof of competence through a current certification in the area IT security (CISSP, other technical certifications).
Secondary attributes
- Preferably experience in Cloud Security, especially for Microsoft Azure.
- Should have a technical background in IT Security.
- Who has adequate level of know-how on all (ISO) domains so that he/she can select relevant controls applicable to the project scope and do perform security and compliance reviews for the projects.
- Worked on assessing and handling the information security for the suppliers/3rd parties who are providing services or processing.
- Can perform Threat Modelling Assessments towards System architecture, e.g. using MS STRIDE.
- Can perform security reviews on system architecture for technical diagrams including infrastructure and application components.
- Can perform risk assessment and properly document Impact, Likelihood, Threat, Vulnerability and Recommendations per risk.
- Understands well what real Threats in IT Security and who could define what needs to be done to protect systems, applications and infrastructure against such cyberthreats.
- (It would be bonus if:) IT Security technical background, could possible did some pentesting or hands on managed some IT systems in the past.
Good to have
- Proven experience in the creation of IT security concepts and performing risk analyses according to ISO27001.
- Proven experience in performing IT security architecture assessments.
- Proven experience in Infrastructure security, such as network security, multi layered defensive security, infrastructure security by design, end point security and know how about tools like Firewalls, Proxies, anti-malware concepts etc.
- Proven experience in application security and related concepts, such as but not limited to; OWASP, web application security principles, securing REST interfaces and APIs, different authentication and authorization concepts.
Benefits
- Travel allowance
- An open culture where you can express your views
- Excellent Work life balance
- Visa sponsorship
- A great group of like-minded colleagues
- Relocation support
Technical Skills Proof of competence through a current certification in the area IT security (CISSP, other technical certifications). Secondary attributes Preferably experience in Cloud Security, especially for Microsoft Azure. Should have a technical background in IT Security. Who has adequate level of know-how on all (ISO) domains so that he/she can select relevant controls applicable to the project scope and do perform security and compliance reviews for the projects. Worked on assessing and handling the information security for the suppliers/3rd parties who are providing services or processing. Can perform Threat Modelling Assessments towards System architecture, e.g. using MS STRIDE. Can perform security reviews on system architecture for technical diagrams including infrastructure and application components. Can perform risk assessment and properly document Impact, Likelihood, Threat, Vulnerability and Recommendations per risk. Understands well what real Threats in IT Security and who could define what needs to be done to protect systems, applications and infrastructure against such cyberthreats. (It would be bonus if:) IT Security technical background, could possible did some pentesting or hands on managed some IT systems in the past. Good to have Proven experience in the creation of IT security concepts and performing risk analyses according to ISO27001. Proven experience in performing IT security architecture assessments. Proven experience in Infrastructure security, such as network security, multi layered defensive security, infrastructure security by design, end point security and know how about tools like Firewalls, Proxies, anti-malware concepts etc. Proven experience in application security and related concepts, such as but not limited to; OWASP, web application security principles, securing REST interfaces and APIs, different authentication and authorization concepts.