Social network you want to login/join with:
Operational IT Security Officer, Brussels
Client:
Location:
Job Category:
Other
EU work permit required:
Yes
Job Reference:
ea1c90ac144b
Job Views:
2
Posted:
02.04.2025
Expiry Date:
17.05.2025
Job Description:
Responsibilities:
1. Ensuring applicability of operational security in Run & Change activities.
2. Configure and maintain security solutions in operational condition while performing IT operational technical security actions (vulnerability analysis & resolution, patching management, alert management, security incidents, technical access management, etc.).
3. Check compliance with and observance of security standards and apply/deploy new operational security solutions.
4. Implement the security measures formalised/observed in projects by the GSO, contribute to the reflexion around the optimised security architecture and submit the implementation for the security assessment phase occurring before the official testing phase of the project.
5. Propose areas for IT security improvement and implement good security practices.
6. Implement & coordinate the closure of the recommendations that result from the penetration/intrusion tests.
7. Act as the Single Point of Contact on behalf of the IT Dept towards the local GSO as well as the Security representatives of the Head office by applying the security guidelines provided by them in the operations, projects & proof of concepts.
8. Liaise with the IT Production, architecture, development, IT risk, DPO and DQA teams to ensure that the security rules are well respected according to needs while acting as a facilitator for those collaborators with the aim of favouring automation.
9. Together with the local GSO, contribute to the formalization of an appropriate BENE procedural framework to govern IT security operational processes.
10. Lead technical IT security incidents resolution on the field, notably by continuously monitoring security solutions, analysing the logs, liaising with external parties (when involved) and having periodical reportings towards the local GSO.
11. Ensure the follow up in the execution of the obsolescence management plans & IT continuity plans of assets by managing upgrades to the correct versions in compliance with the consistency & continuity of application assets.
12. Report and implement security remediation plans in relation with the IT risks with the collaboration of the IT Risk Officer.
13. Analyse and correct anomalies leading to IT security flaws reported by users.
14. Act as the contact point for IT suppliers in order to follow up the execution of the implementation at their side on our behalf as well as assess the deliverables related to IT security aspects of the solutions/products.
15. Check with the collaboration of the Infrastructure team the compliance of technical/telecom/application flows and issue alerts in the event of non-IT security compliance with norms and standards.
16. Setup, adjust & monitor operational IT security indicators/KPIs and action plans in order to remedy non-compliant features, in collaboration with the IT Production, GSO & CISO teams.
17. Respect compliance of the IT security architecture plan.
18. Assessment and remediation plans of IT security audits & reports results.
19. Assessment and remediation plans of IT security recommendations within projects.
20. Security monitoring reports & action plan of systems.
21. Security Problem/Incident Management reports & remediation plans.
22. Assessment and remediation plans of IT security risks.
23. Vulnerabilities & obsolescence reports & remediation plans via security patching follow ups & upgrades.
24. Enrichment of IAM via extracts of source applications to facilitate Access rights management reviews.
25. Maintenance of inventories in relation with IT security related assets.
26. Apply remediation plans in relation with IT security related assets.
27. Operational security KPI reports & follow up of formalisation.
28. Assurance security plan elaboration & assessment reports for outsourced activities.
29. Formalisation of the procedural framework.
Your participation in proposing and, where appropriate, carrying out actions to apply security measures within applications while automating tasks in view to optimise the solution and act as a facilitator to the stakeholders is of key essence. Contributing to the elaboration of data & APIs while ensuring their protection by adopting an orchestrated/structured approach is valuable. Your capacity to collect & analyse data to manage and improve the security performance of solutions via a technical or process angle would be of added value.
We expect you to be open to new solutions and prospects for developing the technologies, tools and methodologies used.
Profile:
Education, experience and skills
1. Bachelor degree in computer engineering/cyber security engineering.
2. At least 6 years of experience in the IT security domain.
3. At least 6 years of experience with IT network engineering, IT Risk and Cybersecurity.
4. Excellent written and oral communication skills in English (must) and Dutch/French (desired).
5. Certification: ISO27001, ITIL.
Tools – methodologies – technologies
1. Identity Access Management (IAM) solutions.
2. Privileged Access Management (PAM).
3. Single Sign-On (SSO).
4. IAM workflows management, recertification, training exercises, reconciliation.
5. ‘Non-standard’ rights management.
6. Forensic, SIEM, antimalware and EDR solutions.
7. Network security and firewall administration.
8. Vulnerability management solutions.
Competences
1. Analytical ability.
2. Ability to Deliver / Results Driven.
3. Ability to collaborate / Teamwork.
4. Attention to Detail / Rigour.
5. Creativity & Innovation / Problem Solving.
6. Ability to anticipate business / strategic evolution.
#J-18808-Ljbffr