.a. Responsibilities:Ensuring applicability of operational security in Run & Change activitiesYou configure and maintain security solutions in operational condition while performing IT operational technical security actions (vulnerability analysis & resolution, patching management, alert management, security incidents, technical access management, etc.). You check compliance with and observance of security standards and apply/deploy new operational security solutions.You implement the security measures formalised/observed in projects by the GSO, contribute to the reflexion around the optimised security architecture and submit the implementation for the security assessment phase occurring before the official testing phase of the project.You propose areas for IT security improvement and implement good security practices.You implement & coordinate the closure of the recommendations that result from the penetration/intrusion tests.You act as the Single Point of Contact on behalf of the IT Dept towards the local GSO as well as the Security representatives of the Head office by applying the security guidelines provided by them in the operations, projects & proof of concepts. This imply that on the field you will liase with the IT Production, architecture, development, IT risk, DPO and DQA teams to ensure that the security rules are well respected according to needs while acting as a facilitator for those collaborators with the aim of favorising automationTogether with the local GSO, you contribute to the formalization an appropriate BENE procedural framework to govern IT security operational processesYou configure and ensure operational maintenance of security solutions, execute operational security actions, ensure data are well protectedYou lead technical IT security incidents resolution on the field, notably by continuously monitoring security solutions, analysing the logs, liasing with external parties( when involved) and have periodical reportings towards the local GSO.You ensure the follow up in the execution of the obsolescence Mgt plans & IT continuity plans of assets by managing upgrades to the correct versions in compliance with the consistency & continuity of application assets.You report and implement security remediation plans in relation with the IT risks with the collaboration of the IT Risk Officer.You analyse and correct anomalies leading to IT security flaws reported by usersYou act as the contact point for IT suppliers in order to follow up the execution of the implementation at their side on our behalf as well as assess the deliverables related to IT security aspects of the solutions / products.You check with the collaboration of the Infrastructure team the compliance of technical / telecom/ application flows and issue alerts in the event of non-IT security compliance with norms and standards.You setup, adjust & monitor operational IT security indicators/KPIs and action plans in order to remedy to non-compliant features, in collaboration with the IT Production, GSO & CISO teams.Deliverables:v Respect of compliance of the IT security architecture planv Assessment and remediation plans of IT security audits & reports resultsv Assessment and remediation plans of IT security recommendations within projectsv Security monitoring reports & action plan of systemsv Security Problem/Incident Management reports & remediation plansv Assessment and remediation plans of IT security risksv Vulnerabilities & obsolescence reports & remediation plans via security patching follow ups & upgradesv Enrichment of IAM via extracts of source applications to facilitate Access rights Mgt reviewsv Maintenance of inventories in relation with IT security related assetsv Apply remediation plans in relation with IT security related assetsv Operational security KPI reports & follow up of formalisationv Assurance security plan elaboration & assessment reports for outsourced activitiesv Formalisation of the procedural frameworkContinuous improvement initiativeYour participation in proposing and, where appropriate, carrying out actions to apply security measures within applications while automating tasks in view to optimise the solution and act as a facilitor to the stakeholders is of key essence. Contributing to the elaboration of data & APIs while ensuring their protection by adopting an orchestrated/structured approach is valuable. Your capacity to collect & analyze data to manage and improving the security performance of solutions via a technical or process angle would be of added value.We expect you to be open to new solutions and prospects for developing the technologies, tools and methodologies used.Deliverables:v Log analysis reportsv Technical document updatesv Optimising costsQualifications.I. Profile :Education, experience and skillsv Bachelor degree in computer engineering/ cyber security engineeringv At least 6 years of experience in the IT security domainv At least 6 years of experience with IT network engineering, IT Risk and Cybersecurityv Excellent written and oral communication skills in English (must) and Dutch/French (desired);v Certification: ISO27001, ITILTools – methodologies – technologiesØ Identity Access Management (IAM) solutions- Priviledged Access Management (PAM)- Single Sign One (SSO)- IAM workflows management, recertification, training exercises, reconciliation- ‘Non-standard’ rights managementØ Data Protection solutionsØ Logs collection solutionsØ Forensic, SIEM, antimalware and EDR solutionsØ Cryptology solutionsØ Network security and firewall administrationØ Vulnerability management solutionsCompetencesØ Analytical abilityØ Ability to Deliver / Results DrivenØ Ability to collaborate / TeamworkØ Attention to Detail / RigourØ Creativity & Innovation / Problem SolvingØ Ability to anticipate business / strategic evolution
