Tasks to be performed by the Security Analyst include:
1. To perform a general security risk assessment for new projects or for changes to existing applications, infrastructure components or services.
2. To ensure that the new projects (or changes to existing systems and platforms) are compliant with our security policies and any security standards that our company has to comply with.
3. Responsible for maintaining control documentation for ISO 27001 certification.
4. To research and document the security risks raised by the new technologies introduced into the company in the IT, Telecommunications and Internet landscapes.
5. To provide security requirements to be included in RFQ and RFP’s based on our clients Security NFR’s and to evaluate vendor responses.
6. To provide support to the end users, upon request, during the implementation of security requirements.
1. University degree in computer science or equivalent combination of education and experience
2. ISO 27001 Lead Auditor or Lead Implementer
3. 3 to 5 years of hands-on experience as a security architect, a security analyst, or a similar role, dealing with multiple security domains (technologies, applications, services) and activities (concepts, policies, practices, procedures) preferably in a large organization
4. Familiar with large and complex IT environments and data communications networks
5. Good understanding of various security domains such as: IP network protocols and services, user authentication methods, encryption, voice technologies, wireless technologies, web applications.
6. Very good knowledge of the security features offered by, and the security risks encountered in complex ICT environments
7. Experience with security risk assessment methodologies is much appreciated
8. Ability to understand business products and processes in order to perform related security risk assessment
9. Familiar with relational databases concepts and usage.
10. Good understanding of the main security products and tools such as: firewalls, intrusion detection and prevention, log file aggregators/analyzers, vulnerability assessment.
11. Interpersonal skills: Security-minded, learning agility, good negotiation and communication skills, autonomy, assertiveness.
12. Language skills: Fluent in French and English with good knowledge of Dutch.