IT Security Expert

We are looking for an IT Senior Consultant for one of our client at the European Institutions.  

Main responsibilities of the role: 

• Manage third-party security providers and tools to ensure timely delivery and high quality security services (web filtering, SOC activities, security incident management, penetration testing, vulnerability management, vulnerability remediation, patching, phishing exercises, password management solutions etc.,);
• Advise the internal IT security and Strategy team on security best practices, including MS365, and MS Azure security solutions, configuration and operations;
• Develop or review security-related documentation such as policies, processes or procedures to ensure clarity, consistency and alignment with best security practices and propose improvements as applicable,
• Provide a general QA function and ‘point of challenge’ on the quality of documents,
• Analyse and comply with data protection and data privacy requirements, and determine how to balance these requirements with functional requirements
• Confidently follow up on deliverables with internal and external parties with expected results;
• Develop or review material to support the creation or the improvement of various security requirements, plans and test cases;
• Contribute to the success of daily tasks, such as incident management, user request management (security assessment of new software, spam/phishing analyses);
• Monitor a variety of security sources to identify and assess new or emerging threats and risks to the IT systems, processes and staff;
• Prepare draft IT security assessments in the context of data location framework reviews;

Requirements

• Advanced degree in relevant field is required (Computer Science, IT Security), with at least 6 years of relevant experience
• Solid understanding of the current IT security threat landscape and countermeasures
• Extensive knowledge of contemporary IT security concepts, solutions and tools
• Experience in data protection and data privacy considerations in implementing various IT or IT security solutions
• Extensive knowledge of cloud security, M365 security, multi-factor authentication approaches, threat and vulnerability management, deception, and/or threat intelligence technologies
• Extensive knowledge of and experience with computer systems administration, computer networks, virtualisation technologies, programming
• Service delivery management experience (vendor management, reporting, relationship management, etc.) at a relatively senior level
• Experience with MS365 security administration, MS Azure tools management and hardening
• Good understanding of MS security landscape
• Project management experience
• Experience in internal control framework documentation reviews and attestations
• Experience in conducting failover tests of data centres
• Experience in conducting cyber exercise simulations or updating cyber incident response plans
• Experience in or ability to provide inputs in testing security tools with test users, including drafting the related communications
• Ability to independently undertake assigned tasks or manage smaller projects with minimal supervisory involvement.
• Very good communication skills in English, both oral and written, other language skills are desirable.
• Good presentation writing skills