Cyber Security Analyst

Vos challenges

• Define and advise on the design, implementation, and test processes necessary to protect information system assets.
• Perform risk assessments and translate the security architecture and high-level policies and controls towards security requirements (secure by design) for business and IT projects.
• Contribute to the architectural design and validate it against the security requirements
• Define security testing requirements and penetration test scope, actively support the testing teams to perform these tests and approve the test reports.
• Define, implement, and ensure the proper functioning of security services of our department in line with IT security policies.
• Recommend and advise on new or improved security services towards the division management.
• Produce documented security services, technical standards, or principles.
• Act as a security subject matter expert within a certain domain (for example Mainframe security, PKI and Cryptography, Network security, platform security, IAM, application security or secure coding), being the point of contact for both business and project teams. Your stakeholders are the business owners/analysts, project leader, risk management, internal/external auditors and off course the engineers, developers, and architects.

Votre profil

• University degree in Computer Science, Engineering, or similar degree.
• IT-security professional with solid experience in the infrastructure security domain or in the IT application security domain.
• Depending on the experience level; a senior profilehas at least +10 years’ cyber security experience covering multiple domains, the candidate has worked for multiple companies/cross industries. As an entry level profile, the candidate we’re looking for has minimum +3 years’ experience in cyber security in one domain.
• Good working knowledge of documentation and presentation applications including PowerPoint, Visio, Excel, and Word
• Experience translating business requirements into technical solutions
• Effective organizational, planning and time management skills
• Effective research, analytical, and critical thinking skills
• Effective skill exercising initiative and using good judgment to make sound decisions
• Effective skill maintaining accuracy with diligence and meeting deadlines
• Effective skill presenting findings, conclusions, alternatives, and information clearly and concisely
• Able to operate within an international/multi-cultural, networked environment.
• Fluent in English
• Team player who communicates in an open, respectful, and constructive way with customers and peers, both verbally and in writing.
• Strong communication skills, being able to discuss, defend and translate security topics with both senior business people as with deep technical IT experts.
• Ability to handle different projects and cope with pressure and stressful situations.
• Take ownership and ensure that organizational quality standards are met.
• Independent, service-oriented and organized.

Votre expérience

• Proven experience in security risk assessments, development of functional security requirements, process design and management reporting.
• Familiarity with industry best practices in key security domains such as: identity and access management, PKI, network security, data protection.
• Application security knowledge with a good understanding of software development and testing, OWASP (Open Web Application Security Project) guidelines, code scanning tools, security and compliance automation using a CI/CD pipeline.
• Knowledge of and experience with security technologies including IDAAS (Identity as a service) and identity management platforms, Secure access management and federation services, PKI and cryptographic solutions, web application firewalls, endpoint security
• Knowledge of and experience with security technologies covering domains Virtualisation, Software Defined Networks, Cloud IAAS/PAAS/SAAS, Network and DMZ infrastructure, VOIP, Wi-Fi, 802.1x, Anti-malware, System protection, Middleware, Collaboration and end-user workspace solutions, Storage (SAN, NAS), Databases, infrastructure automation services (Infrastructure as a code)
• Preferred professional certifications are CISSP, GIAC, SABSA, ISO 27001 LA/LI. Specific Security related Product certifications are considered an asset.

Discover Contraste Europe

Contraste Europe is a key player in the IT sector and operates on an international scale. We are committed to supporting the growth of our customers in diverse sectors such as finance, healthcare, retail and the public sector. Our values, which include understanding customer needs, competence, independence, team spirit and social responsibility, are at the heart of every project we undertake.

Becoming a Contraster means joining a company where excellence is a mission. At Contraste, every member has the opportunity to express his or her talent in a variety of fields, from cloud solutions development to digital transformation and much more. It’s a chance to contribute to innovative projects and shape your future in an environment that values your personal and professional development.

Ready for the challenge?

Apply now to join our team and become a pillar of digital transformation at Contraste.