1 Oct. 2022
Informatie Beveiligings Officer (Freelance)
Functie omschrijving
In order to be accepted, the proposed application must fully meet the following minimum requirements:
- The applicant must have the minimum skills and experience required (roles/skills/languages) ;
- The NDA (Non-Disclosure Agreement) annexed to this application must be completed and signed by the applicant him/herself.
Mission: Medior Information Security Officer
- Start: ASAP - Full Time
- Min. Duration: until 31/12/2022 (can be renewed!)
- Required Seniority: Medior
Information Security Officer
The Information Security Officer has a key mission: to promote and reinforce the information security in the notary sector. The security officers are part of a small team and enjoy a varied job:
- Development and maintenance of Information Security Policies in line with the Information Security Strategy;
- We guide and coach on the implementation of the policies;
- We deliver guidance on the implementation of the security controls and reporting;
- We advise project teams on security matters (“Security by Design”);
- We perform assessments through, amongst others, penetration and vulnerability testing;
- We make users and managers aware on the cyber threats;
- We monitor conformance with policies;
- We respond to cyber incidents of various origins and to business continuity incidents;
- We keep an eye on the evolution of cyber security threat and technology landscape.
You want to
- Be the enthusiastic promotor by selling sound security practices within the organization and coaching staff to a higher maturity level
- Work in a dynamic environment with high demands on trust for a digital world which must be delivered through modern security technologies
- Advise and coach project or product teams to design services and applications with security in mind
- To perform independent testing through
- penetration testing at the application/service level on demand or pro-actively
- perform infrastructure vulnerability testing
- Get transparency on the state of play of security through the embedding of reporting throughout the organization and consolidate to address different audiences:
- Explain the security risks to the management
- Help stakeholders to find risk reduction solutions
- React to security incidents
- You have an experience in security incident management, including assessment, reaction, containment and recovery
- You have affinity with business continuity management practices
- Contribute to a dynamic and constructive security culture in the organization
- Work in an Agile environment.
Functie eisen
You have
- Bachelor or Master degree or equivalent by experience
- At least 5 years experience in an “IT environment”
- At least 2 years of experience in IT security and preferably experience with application security testing
- A proven track record of handling security incidents
- Thorough understanding of information technologies, data security and network concepts
- Good understanding of the risk- cost or user convenience balance
- Good understanding in information security frameworks (CIS, NIST, ISO27000) are considered a plus
- Information security certifications such as: CEH, CISSP, CISM, OSCP are considered a plus
- You know the top-10 OWASP risks: how to test an application against these risks
- You have experience in reporting pentest results to project teams
- You are familiar with pentest tool like Burp Suite
You are
- FR or NL is your mother tongue (full working proficiency in both languages is preferable as customers are FR & NL), both written and spoken. Elementary knowledge of EN as working language is used
- Deep analytical skills and structured thinking
- Organized and self‑driven
- Autonomous: able to prioritize activities, plan and execute
- Strong listening and negociation skills
- Able to communicate fluently with different audiences
- Able to take a challenging but constructive attitude
- Good team player; team objectives prevail over individual objectives
- Good understanding Data Privacy and GDPR
- Eager to learn about security, technology and our business context
- Be versatile & polyvalent
We offer...
- Challenging and interesting projects to work on, using the latest methodologies and technologies, within a growing and economical stable sector.
Where are you going to work?
- Brussels at Fednot premises
- Homeworking 3d/week
Skills
- Information Security Expert - Medior
- Application Security Testing - Advanced
- Cyber SecurityLevel - Advanced
- Data PrivacyLevel - Advanced
- GDPR - Advanced
- Information security certifications (CEH, CISSP, OSCP) - Nice to have
- Information Security Frameworks (CIS, NIST, ISO27000) - Nice to have
- Network Port Scanning - Advanced
- Penetration and vulnerability testing - Advanced
- Pentest tool (Burp Suite) - Advanced
- Reporting of pentest results - Advanced
- Security Incident Management - Advanced
- Top-10 OWASP risks - Advanced
- Vulnerability scanning tools - Advanced
- Dutch - Full professional proficiency
- English - Professional working proficiency
- French - Full professional proficiency
Locatie
Brussel(s)/Bruxelles