Security Consultant

INTRASOFT International, a leading European IT solutions provider, is seeking on behalf of one of the European Institutions based in Luxembourg, a professional to cover the following opening:

Security Consultant (m/f)

Your Role

• 
  
• Provision of security studies associated with information system projects
• 
  
• Security assessments of information systems
• 
  
• Security gap analysis
• 
  
• Evaluations of security products and tools for information systems
• 
  
• Assistance in the implementation of IS security policies
• 
  
• Security specifications for information systems
• 
  
• Management of security tests
• 
  
• Provision of security audits of databases
• 
  
• Risk analysis
• 
  
• Study impact of security measures on the IT applications
• 
  
• Implementation of security plans within the IT applications
• 
  

Knowledge and skills

• 
  
• Knowledge of security principles, internationally recognised standards and implementing security management methodologies and tools;
• 
  
• Knowledge in telecommunication, datacentre and network security;
• 
  
• Knowledge of risk assessment methodologies;
• 
  
• Knowledge of ITIL best practices in ICT operations;
• 
  
• Knowledge of ICT infrastructure and systems;
• 
  
• Knowledge of security monitoring systems;
• 
  
• Capability to write clear and structured technical documents;
• 
  
• Capability to speak to and interface with business and technical audiences;
• 
  
• Capability of working in an international/multicultural environment (language and communications skills);
• 
  
• Collaborative approach with hands on attitude.
• 
  

Specific expertise

Required specific expertise:

• 
  
• Proven experience of working as a member of an ICT project team
• 
  
• Proven knowledge or certification on security standards ISO27001 level Practitioner or Expert ;
• 
  
• Certifications in security areas as CISSP, CISSP-ISSAP, CISSP-ISSEP, CISM, CEH, ECSS, s-EHP, S-CITSO or similar;
• 
  
• Network design security solutions/technologies, including security zones, secure connections, VPN, IPS, IDS, network and application firewall;
• 
  
• Data security in a virtualised environment, with encryption technologies and other security controls;
• 
  
• Server hardening and monitoring – VMs, OS (Windows 2012, 2019, RedHat Linux), AD Policy groups, Windows 10, SQL hardening;
• 
  
• Security best practices for IBM components (Case Manager, BAW, Filenet) and Java-based applications.
• 
  

Desirable expertise

Expertise in the following domains would be an asset:

• 
  
• Security Information Architecture knowledge proven by certification TOGAF9-Foundation;
• 
  
• Vendor-specific certifications of level professional/expert from Cisco/Microsoft/IBM/RedHat/Checkpoint;
• 
  
• Experience with security measures in an Agile development environment;
• 
  
• Security technologies and solutions for containers (Dockers, Kubernetes);
• 
  
• SIEM solutions for centralized logging and monitoring;
• 
  
• OWASP implementation and assessment of code security.
• 
  

Languages

Working language is English. Very good command of the English language is mandatory.

All applications will be treated as strictly confidential.