Senior Security Risk Analyst
Sopra Steria
Bruxelles, Belgium
4 dagen geleden

Your Mission

  • The Senior Security Risk Analyst is responsible for assessing informationrisk and facilitates remediation of identified vulnerabilities for IT securityand IT risk across the enterprise.
  • Assessesinformation risks and facilitates remediation of identified vulnerabilities withthe network, systems and applications.
  • Reports on findings and recommendationsfor corrective action.
  • Performs vulnerability assessments as assigned utilizingIT security tools and methodologies (ebios, ISTRM ).
  • Performs assessments ofthe IT security / risk posture within the IT network, systems and softwareapplications.
  • Identifies opportunities to reduce risk and documents remediationoptions regarding acceptance or mitigation of risk scenarios.
  • Facilitates andmonitors performance of risk remediation tasks, changes related to riskmitigation & reports on findings.
  • Maintains oversight of IT and vendorsregarding the security maintenance of their systems and applications.
  • Providesweekly project status reports, including outstanding issues.
  • The IT Security / Risk Analyst assists in all ITaudits, IT risk assessments and regulatory compliance.
  • Your responsibilities :

  • Assist and lead security technology reviews, development and deployment.
  • Assist in the analysis of new security and protection technologies and operational services for the enterprise to ensure that the appropriate controls are selected or developed.
  • Work closely with management, leads, peers; development teams, business analysts, and end users to ensure data protection for systems used by all areas the organization.
  • Support Information Security programs which include security enhancements, new security technology evaluation and testing, project requirement gathering, internal client communications, data protection inquiries, documentation, and security awareness.
  • Identify new regulations impacting business requirements around security requirements.
  • Identify new security & data protection technologies to enhance business services. Perform technology research, hands-on evaluation, and provide technical summary of the solution based on business use cases.
  • Provide review of architecture proposals for systems and application implementations based on security and data protection best practices.
  • Provides project support for security functions. This includes assisting with security design and preparing security documentation for internal process as well as internal / external audits and assessments.
  • Supports the design, implementation, operation and maintenance of security applications and tools based upon the established security architecture.
  • Assists in the identification of potential security exposures that currently exist or may pose potential threats and coordinate mitigation plan.
  • Assist in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security control procedures, and security auditing procedures).
  • Monitors security blogs, articles, and reports to remain up to date on the latest security risks, threats, and technology trends to incorporate information into processes, procedures, and communication activities.
  • Assist with the development, deployment and support of Data Protection solutions.
  • Assists with development and communication of information protection guidelines and requirements.
  • Your knowledge / experience :

  • 5 years in experience in IT infrastructure related field.
  • Experience conducting IT compliance assessments (Sarbanes-Oxley, PCI, etc.) is an asset.
  • May vary by specialization but may include understanding of project management, application security concepts, data protection, and mobility security integration.
  • Additionally should possess basic experience in the following :
  • Data protection and encryption technologies.
  • Privilege Access Management solutions.
  • Identity and Access Management solutions.
  • Cloud services and security frameworks.
  • Technology evaluation methodologies.
  • Technology research.
  • Microsoft Office suite skills.
  • Industry security frameworks.
  • Operational experience with various commonly used operating systems and services.
  • Network communication basics.
  • Communication and technical writing skills
  • We Offer :

    Weoffer the opportunity to work in a fast growing and dynamic team on challengingnational and international projects in different industries.

    We also offer theopportunity to continuously deepen your knowledge and to further develop yourpersonal competencies.

    If you want to boost your career and join a growing European leading ITservices company, do not hesitate to check this opportunity and send us yourresume.

    deze vacature melden

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Mijn E-mail
    Door op "Doorgaan" te klikken, betekent dit dat je neuvoo toestemming geeft om je gegevens te verwerken en je e-mails met vacatures te sturen, zoals beschreven in neuvoo's -Privacybeleid . Je kunt je toestemming altijd intrekken