As a global critical financial infrastructure, the protection of the company’s information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company. You will be joining our Group Security & Business Resilience (GSBR) in charge of putting in place the required controls to adequately and effectively protect our information assets.
Your main responsibilities:
- Plan & coordinate penetration tests with external provider
- Analyze penetration test reports and produce digests/synopsis
- Present & discuss the outcome of the Pen Test results to all relevant stakeholders
- Ensure the timely and effective remediation of security weaknesses and defects revealed in penetration testing activities
- Maintain an operational dashboard of applications/infrastructure/other assets requiring the testing, based upon schedules/frequencies
- Define, produce and publish compliance reporting
- Be a team player who communicates in an open, respectful and constructive way with her/his customers and peers, both verbally and in writing. The candidate will take ownership and ensure that organizational quality standards are met.
- Be a very good communicator in English, both verbal and written, and able to discuss and defend the security interests with individuals and groups of senior business people as well as deep technical IT experts.
- Proven experience in security risk assessments, development of functional security requirements, process design and management reporting. Experience in security design, architecture and project management is a strong advantage.
- Familiarity with industry best practices in key domains: penetration testing, application/infra/network security, identity and access management, and secure development on all platforms.
- Sound security design principles, based on confidentiality, integrity and availability requirements and other ISO27002 security principles are an asset.
- Application security knowledge with a good understanding of software development and OWASP guidelines.
- Sufficient background knowledge with regard to network principles and protocols used in WAN and LAN's, DMZ, Internet security, network segregation.
- Experience with a subset of Unix, Windows System, tandem, mainframe security and assurance.
- A challenging position in a fast growing company with an international presence.
- A stimulating working environment with a really good team spirit maintained by lots of internal events (teambuilding, ...).
- A dynamic culture focused on personal development.
- A wide range of training and career development opportunities.
Please apply now !