FULL_TIME

Senior Security Analyst - SII Belgium

Antwerpen BE
2021-09-27
2024-03-28

A. Purpose of the Job

The purpose of the function is to implement an IT security framework and to protect the company IT-systems, both at strategical and operational level.
The function also covers the management of the general IT governance.

B. Principal Accountabilities, Authorities & Activities

IT Security governance
• Implementing an information security framework
• Develop processes and procedures to embed IT security in the organization and to safeguard systems. This includes application development, database design, network, operating systems, Microsoft toolset and OT
• Control and ensure compliance with the security policies
• Define KPI’s
• Embed security in (business) processes: SDLC, IAM, data classification

IT Security Design & build
• Collaborate with business and IT colleagues to embed security in systems. Helps project teams comply with enterprise and IT security policies, industry regulations, and best practices.
• Define, implement and improve security solutions & services
• Identify and correct security flaws in existing systems
• Validate IT projects and changes to ensure they are designed and built securely
• Participate in the Architecture Review Board

IT Security Manage & operate
• Handle security alerts and steer or participate actively in incident response and resolution
• Remediate vulnerabilities, and support remediation
• Keep cyber security knowledge up to date
• Be the security expert for application development, database design, network, and/or platform (operating system) efforts. Support application teams to keep their systems secure.
• Analyze business impact and exposure based on emerging security threats, vulnerabilities, and risks. Communicate security risks and solutions to business partners and IT staff as needed.
• Collaborate on a daily basis with colleagues, coach and train them whenever needed to make IT security integral part of IT

C. Dimensions/ratio’s

• Reporting to Enterprise and Security Architect

Vereisten

Knowledge

• Knowledge of security frameworks (NIST, ISO 27001 & IS 27002, MITRE ATT&CK)
• Experience with EDR tools
• Experience with Vulnerability Management
• Familiarity with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends
• Knowledge of networks
• Knowledge of Windows
• Security certifications are an asset
• Fluent in Dutch and English

Skills & attitudes

• Able to create structure, focus on main points and synthesise
• Operational, systematic
• Interest in new technologies and the security aspects of it
• Can create a proposal or framework
• Can get user buy-in
• Can implement processes
• Good oral and written communication skills, used to
o convince business of the need for a cyber security mindset and measures
o document solutions and processes
o communicate a solution to both technical people and managers
o communicate with vendors
• Project management skills, from project inception to project delivery