Cyber Security Manager

Title: Cyber Security Manager

Location: Brussels, Belgium (Onsite)

Duration: 6 months

Languages: English

Job Description

We currently have a vacancy for a Cyber Security Manager fluent in English, to offer his/her services as an expert will be based in Brussels, Belgium. The work will be carried out either in the company’s premises or on site at customer premises. In the context of the first assignment, the successful candidate will be integrated in the team of the company that will closely cooperate with a major client’s IT team on site.

Your Tasks:

• Assist company in the follow-up and co-ordination of Infosec/IT Security-related matters, acting as a facilitator to converge all efforts towards the project's objectives;
• Translate security requirements into technical requirements;
• Promote compliancy of company’s information and information systems with the security policy;
• Review the quality and conformance of the technical deliverables (specification, software, documentation, security plans) and services with a focus on security and continuity;
• Follow up the security operations and advise on business continuity and disaster recovery;
• Assist in the definition of its Information Systems Security Management (ISSM);
• Clarify issues and prevent potential security incidents;
• Analyse technical security assessment and studies;
• Propose technical solutions in security-related areas (i.e. privileged identity, firewalls, vulnerability management);
• Experience with security methodologies, risk management & audits (such as ISO 2700X:2013, CobIT, etc.);
• Participate in meetings with contractors, members and/or other partners.

Requirements

• Master degree combined with minimum 17 years of relevant working experience in IT;
• Minimum 8 years of recent IT security experience;
• Extensive experience, minimum 4 years, in handling IT security incidents;
• Extensive experience in following up and monitoring the implementation of IT audits recommendations;
• Proven experience in leadership and dealing with IT security experts and driving IT security contractors;
• Proven experience in designing and delivering IT security and BCP/DRP dashboards;
• Working experience as an IT auditor in highly regulated areas such as banking and finance services;
• Experience with security assessment of complex information systems;
• Experience with penetration testing according to OWASP Top 10 and secure coding best practices;
• Experience with security methodologies, risk management & audits (such as ISO 2700X:2013, CobIT, etc.);
• Excellent knowledge of several security solutions in the area of SIEM, Firewalls security, IPS/IDS, privileged identity management, Web Application Gateways, Web Application Firewalls, vulnerability scanning, endpoint security services, endpoint protection services, etc.;
• Extensive knowledge in building technical IT risk assessments according to standards and security best practices;
• Extensive knowledge of TCP/IP and network protocols in order to monitor and approve Corporate firewall rules for WAN connections;
• Excellent knowledge in managing Security Risks for the major risks that are to be handled after the IT solution is being deployed in Production;
• Excellent knowledge with cryptography, network security, identity and access management (IAM) (such as HashiCorp Vault, CISCO ISE etc.), desktop tools and products for security assessments and audits;
• Excellent knowledge of the current state-of the-art technical evolution in security management and related products, matured in complex and structured organisation with outsourced services and proven with practical activities;
• Ability to review technical and security documents;
• Familiarity with IT projects, preferably in the field of Excise, Customs and Taxation business or accounting;
• Additional desirable assets: experience in ITIL, experience in implementation and enforcement of Service Level Agreements (SLA), experience as a technical writer, experience in software development, SDLC, systems’ and network engineering;
• The following certifications are considered a plus: Security Certification in a Security Role or Security Framework (e.g. CISM, CISA certifications, for Certified Information Security Manager and Certified Information Security Audit; Offensive Security Certified Professional; ISO 2700X:2013; CobIT, etc.. ), ITIL certification;
• Certification in IT Governance (such as CGEIT, CGRC etc.) is a definite asset;