We are looking for an IT Senior Consultant for one of our client at the European Institutions.
Main responsibilities of the role:
Manage third-party security providers and tools to ensure timely delivery and high quality security services (web filtering, SOC activities, security incident management, penetration testing, vulnerability management, vulnerability remediation, patching, phishing exercises, password management solutions etc.,);
Advise the internal IT security and Strategy team on security best practices, including MS365, and MS Azure security solutions, configuration and operations;
Develop or review security-related documentation such as policies, processes or procedures to ensure clarity, consistency and alignment with best security practices and propose improvements as applicable,
Provide a general QA function and ‘point of challenge’ on the quality of documents,
Analyse and comply with data protection and data privacy requirements, and determine how to balance these requirements with functional requirements
Confidently follow up on deliverables with internal and external parties with expected results;
Develop or review material to support the creation or the improvement of various security requirements, plans and test cases;
Contribute to the success of daily tasks, such as incident management, user request management (security assessment of new software, spam/phishing analyses);
Monitor a variety of security sources to identify and assess new or emerging threats and risks to the IT systems, processes and staff;
Prepare draft IT security assessments in the context of data location framework reviews;
Requirements
Advanced degree in relevant field is required (Computer Science, IT Security), with at least 6 years of relevant experience
Solid understanding of the current IT security threat landscape and countermeasures
Extensive knowledge of contemporary IT security concepts, solutions and tools
Experience in data protection and data privacy considerations in implementing various IT or IT security solutions
Extensive knowledge of cloud security, M365 security, multi-factor authentication approaches, threat and vulnerability management, deception, and/or threat intelligence technologies
Extensive knowledge of and experience with computer systems administration, computer networks, virtualisation technologies, programming
Service delivery management experience (vendor management, reporting, relationship management, etc.) at a relatively senior level
Experience with MS365 security administration, MS Azure tools management and hardening
Good understanding of MS security landscape
Project management experience
Experience in internal control framework documentation reviews and attestations
Experience in conducting failover tests of data centres
Experience in conducting cyber exercise simulations or updating cyber incident response plans
Experience in or ability to provide inputs in testing security tools with test users, including drafting the related communications
Ability to independently undertake assigned tasks or manage smaller projects with minimal supervisory involvement.
Very good communication skills in English, both oral and written, other language skills are desirable.