Lead Cybersecurity Consultant

• Contribute to Security Management activities:
  • Contribute to building the strategic view for the future of ICT security at the client;
  • Draft ICT Security policies, standards, guidelines;
  • Perform market reviews, products analyses, studies;
  • Lead security-related solutions assessments and labs;
  • Lead and manage Security-related projects;
  • Contribute to the communication of the available policies.
• Define and deliver user awareness programs;
  • Elaborate presentations, messages targeted to the end-users;
  • Elaborate demos and videos for illustration;
  • Provide support to Communication and Training Departments for building various material (e.g. posters, flyers, e-learning);
  • Lead lectures, conferences, demos and workshops.
• Support project and application owners in designing, implementing and maintaining ICT Security:
  • Perform Risk analysis according to state-of-the-art methodologies and practices;
  • Elaborate ICT Security requirements for in-house and outsourced projects and applications;
  • Define and review architectures for security systems;
  • Design and implement Security settings on various kinds of IT components;
  • Coordinate ICT Security activities in the projects, provide support to project managers;
  • Provide support for remediating Security vulnerabilities or issues;
  • Assess security aspects of products and solutions.
• Protect the Institution’s ICT infrastructure and applications.
  • Provide support to design and implement secured architectures;
  • Provide support to design and implement Security settings on various kinds of IT components;
• Collaborate with ICT departments for defining security procedures and best practices.
• Study ICT security standards and regulations for applying them to the client's context.
• Provide support to perform system information security risk analysis.
• Propose appropriate security counter-measures according to standards and best practices.
• Define security-operating procedures for systems and products.
• Perform security studies and the design of security architectures.
• Manage and analyse security ICT events that occurs within the Institution.
• Auditing and reviewing configuration of software, communication, computing systems.
• Provide support to security incidents response processes through dedicated analysis.
• Support the implementation of cybersecurity within the client's Entreprise Architecture strategy.
• Support the definition and implementation cybersecurity maturity models within the institution
• Support the compliance process regarding the implementation of cybersecurity standards, procedures and guidelines.
• Regularly attends conferences, professional association meetings, and technical symposia to remain aware of the latest information security technological developments.

Requirements

• Master's level degree
• At least one ICT Security professional certification is also required.
• At least 6 years of professional relevant experience, including:

• Three years’ experience related to ICT security management (e.g. ISMS implementation, cybersecurity policy management, development of security policies and standards); and
• Two years’ experience as a team leader or project leader for major security-related projects.
• Experience in:
  • Cybersecurity Security Standardisation framework knowledge (e.g. ISO/IEC 270XX,NIST 800, ISF)
  • Defining, implementing and managing ICT and Information policies, standard, procedures and guidelines
  • Identity and Access management;
  • Application security, in particular: (web) application firewalls, secure coding practices;
  • Data protection and integrity: encryption, data loss prevention mechanisms;
• Very good knowledge of both written and oral English is mandatory.
• Good command of French is an asset