IT Security Specialist

Strasbourg, Bas-Rhin, France

April 23, 2024

Tasks:

  • Define security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems
  • Develop and validate baseline security configurations for operating systems, applications, and networking and telecommunications equipment
  • Perform internal and external technical control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommend remedial action
  • Perform source code reviews
  • Perform network and application penetration testing (Black box, Grey box and White box)
  • Define detailed security architecture
  • Perform technical security audits
  • Perform log analysis and security monitoring
  • Perform IT infrastructure/application security configuration reviews
  • Design and implement technical security mechanisms and technologies
  • Design and develop technical security standards and procedures

Tasks in more detail:

  1. Security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, system security appliances, and host‐based security systems
  2. Plan, coordinate, and perform programming for all security systems and other IT integrated components to meet eu‐LISA and system operational needs
  3. Review the design of installed physical security systems so as to meet eu‐LISA needs according to best industry practice and Agency guidelines
  4. Perform internal and external technical control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommend remedial action.
  5. Determine material quantities in the amounts needed to complete projects as per the first Agency planning for the current Building Project
  6. Develop and create systems documentation, including full review and correction of systems drawings, systems installation drawings, and other systems documentation
  7. Ensure that physical security systems are being installed, programmed, tested, and commissioned according to Agency needs and best practice standards
  8. Ensure that physical security systems are being properly maintained, reprogrammed, retested, and repaired according to Agency needs and best practice standards
  9. Perform technical and security audits so as to ensure optimal security systems’ performance
  10. Security monitoring and log analysis
  11. Review the design of the GTC / Facility system connections to the Hypervision system so as to allow effective monitoring of the well‐being of the Data center and all related equipment, in order to meet the business continuity needs and the best standards
  12. Design and implement technical security mechanisms and technologies
  13. Design and develop technical security standards and procedures.
  14. Attend dedicated and administrator trainings so as to master the security systems. This would require the CCTV System training / Access System Training / Hypervision System training / Fire detection and extinguishing system and all related trainings (Facility system included) so as to perform the works required
  15. Develop and perform effective security systems training sessions for relevant staff, notably the Physical Security Coordinators and the Guarding Force.
  16. Perform any other activity related to the security and management of the IT corporate infrastructure or other systems under eu‐LISA’s responsibility.

Education requirements:

  • Minimum 4 years of relevant education (master or equivalent) after secondary education

Minimum experience requirements:

  • Minimum 6 years of relevant professional experience in IT Security

Additional needed qualification, knowledge and skills:

Expected to possess advanced knowledge of/in:

  • Security best practice guidelines (ISO 27001, NIST, SANS Top 20, OWASP, etc.)
  • Good practice in the secure configuration of servers, network devices and applications
  • Networking protocols and application communications
  • Network analysis tools
  • Securing Unix and Windows operating systems
  • Securing middleware and applications.
  • Network penetration testing
  • Web application penetration testing
  • Vulnerability assessments
  • Forensic image collection and analysis
  • Managing/deploying the following security technologies: Firewalls; IDS/IPS – Intrusion detection/Prevention Systems; SIEM – Security information and event management; IAM – Identity and access management; APT – Advanced Persistent threat detection; DLP – Data loss prevention; VA – Vulnerability Analysis and mitigation; PKI – Public key infrastructure; Virtual environments; Endpoint security; Mobile security; Communications and data encryption; Remote access methods; Backup and disaster recovery methodologies; Patch management technologies and processes; Wireless protocols and services
  • Open Web Application Security Protocol (OWASP) and secure software development standards
  • Performing security code reviews.
  • Security monitoring, threat detection and incident response;
  • Proactively and iteratively searching through networks and applications to detect and isolate advanced threats that evade existing security solutions (Cyber threat hunting);
  • Security operations engineering (e.g. implementation of defensive measures, threat intelligence production);
  • Linux administration, TCP/IP, Network Security.
  • Security configuration reviews of IT Infrastructure and security devices, OS, Databases etc.

Expected to possess one or more of the following qualifications:

  • Certified Information Systems Security Professional with Information Systems Security Architecture Professional concentration (CISSP-ISSAP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • OSCP, OSCE, GPEN, CEH, CCNA, CCNP

Security clearance requirements:

  • EU Secret

WHO ARE WE?

CRI, a company that is part of VASS Group, leads the digital transformation and cyber security in the European Union.

CRI operates serving the European Union Institutions, telecom operators, financial institutions and governmental bodies through a comprehensive offering of services and technologies.

Please visit our website and let's get in touch: www.cri-group.eu
