Computer Recruitment Services

2 job(s) at Computer Recruitment Services

Computer Recruitment Services Brussels, Belgium
Nov 03, 2017
Contractor
NK288 Cyber Security Designer Banking, Brussels The successful candidate will join the Cyber Security Management - Security Projects and Services team which is part of the Corporate Technology division. The main responsibility for the Cyber Security Management team is to ensure that the technology infrastructure at Bank protects corporate assets from unauthorised access, modification, disclosure and destruction. CSM SPS is the service owner of the logical security domain and infrastructure through the implementation of security services and infrastructure, risk assessments, requirements setting, and active participation in the project delivery life cycle, as well as ensuring adequate processes and procedures for the security administration teams. As part of the CSM SPS team, the main responsibilities for the candidate are; - Advice technical teams on the control design, implementation and processes necessary to ensure and protect information systems assets. Perform risk assessments and define application and infrastructure-related security requirements for business and IT projects. Advises on high level security design of new infrastructures, systems and/or applications to ensure secure operation within the environment. - Perform security validation to ensure effective implementation of security controls. - Defines, implement and ensures the proper functioning of security trust services within his/her security domain in line with IT security policies. Recommends and advises on new or improved security services to Cyber security Management - Review the secure design and implementation of the infrastructure and network infrastructure eg Virtualisation, Anti-malware, system protection, DMZ infrastructure, MPLS and VOIP infrastructure, 802.1x. - Ensure the adequate functioning of security services in the infrastructure protection and network security domain. - Produces documented security services, technical standards or principles. - Act as security subject matter expert in a security domain and be the security point of contact for the business and project teams. Profile: The successful candidate must be a service oriented, organised and independent security professional with solid experience in the security domain or in the IT infrastructure solution architecture. The candidate must be a team player who communicates in an open, respectful and constructive way with his/her customers and peers, both verbally and in writing. The candidate will take ownership and ensure that organisational quality standards are met. The candidate must be a very good communicator in English, both verbal and written, and able to discuss and defend the security interests with individuals and groups of senior business people as well as deep technical IT experts. The candidate must have proven experience in security risk assessments, development of functional security requirements, process design and management reporting. Experience in security design, architecture and project management is a strong advantage. 1) Sound security design principles, based on confidentiality, integrity and availability requirements and other ISO27002 security principles are an asset; 2) Unix and Windows System security and assurance - Application security knowledge is a plus; 3) Networking & Firewalls: sufficient background knowledge with regard to network principles and protocols used in WAN and LAN's, DMZ, Internet security, Remote access, network segregation 4) Knowledge of and experience with network security technologies including Firewalls, web application Firewalls, IDS/IPS systems, VPN, security assessments, and centralized logging. Understanding of industry best practices as it relates to security on network architecture. Preferred professional certifications are CISSP, GIAC, ISO 27001 LA/LI. Product network security certification eg Windows, Unix, Cisco or Checkpoint Certified Security Professional (CCSP, CCNP) are an asset Reference: NK288 Location: Brussels Rate: 550-575 euros per day Duration: 6 months Language: English
Computer Recruitment Services Brussels, Belgium
Nov 03, 2017
Contractor
NK 287 Information Risk analyst BANKING, BRUSSELS Background The Business Continuity and Assurance team within the Cyber Security Department defines, establishes and provides information assurance. The team manages regulatory adherence for security, supports security response to external RfPs, manages client queries regarding security policies/controls, provides assurance in response to client due diligence, and manages the first-line internal controls framework. These sub-functions collaborate across security capabilities, with IT and business teams and functions such as HR, Risk Management and Compliance. Role: BCP and Information Security Risks assessments of third parties Support collaboration with senior management to coordinate a consistent framework and approach to security risk planning, regulatory awareness, adherence, testing, due diligence responses, and reporting on KPIs and KRIs. Support the development of inputs and outputs for relevant governance bodies, and prepare reports for the business. Maintain the database of client-issued RfP's and RfI's; respond to internal and external database knowledge requests. Support engagement with business stakeholders, business/application/solution architecture, IT and operational teams. Support 'proof of concepts' within BCP and Information Assurance; provide cost/benefit reports to security management. Support collaboration with key business stakeholders to ensure appropriate consideration is given to security requirements in periods of business change and product development. Profile: Handles standard situation by relying on existing procedures and methods, covering several but known domains of expertise. Relies on existing processes and policies to take decisions. Focuses on execution in his/her domain, according to defined processes and methods. Runs and maintains the operational process. Works autonomously on standard activities or non-complex demands. Organises, co-ordinates and plans activities independently. Priorities are set by the job. Uses expertise to challenge the goals and scope of new requests and evaluates the impact of these new requirements. Knowledge of security risk management, risk governance. Strong oral and written skills to translate complex risk requirements. Experience with security and controls frameworks, such as ISO 27001, COBIT5, SANS Top 20 Controls and NIST Cybersecurity Framework. Experience with audit good practice. Knowledge of onsite risk assessments, and managing targeted risk remediation activities. Reference: NK287 Location: Brussels Rate: 500-550 euros per day Duration: 3 months extendable Language: English