IT Security Consultant
Endeavour Recruitment has an exciting opportunity for a skilled IT Security Consultant to work and live in Luxembourg for one of the EU’s largest organisations. This is a 12 month contract and there will be further extensions. The working language is English and the rate is €650 per day.
The role:
• Manage third-party security providers and tools to ensure timely delivery and high quality security services. Such services include web filtering, SOC activities, security incident management, penetration testing, vulnerability management, vulnerability remediation, patching, phishing exercises, password management solutions etc.
• Advise ESM’s internal IT security team on security best practices in regards to MS 365, and MS Azure security architecture, configuration and operations
• Manage IT security projects
• Develop or review ESM’s security-related documentation such as policies, processes or procedures to ensure clarity, consistency and alignment with best security practices and propose improvements as applicable
• Provide a general QA function and ‘point of challenge’ on the quality of documents
• Analyse data protection and data privacy requirements and determine how to balance such requirements with functional requirements
• Confidently follow up on deliverables with internal and external parties with the expected results
• Develop or review material to support the creation or the improvement of various security requirements, plans and test cases
• Perform market analysis of different security solutions and concepts
• Support in successful achievement of daily tasks, such as incident management, user request management (new software security assessment, spam/phishing analyses)
• Monitor various security sources to identify and assess any new or emerging threats and risks for the ESM’s IT systems, processes and staff
• Ensure BAU tasks are consistently performed in a timely and accurate manner
• Prepare draft IT security assessments in the context of data location framework (DLF) reviews
• Review documentation and working files to support the annual ICF process and ensure ICF documentation is up to date
• Provide meaningful contributions to cyber exercise simulations or failover tests
• Advise on business continuity improvement initiatives
• Other tasks as necessary such as organising meetings, drafting agendas, preparing minutes or advising on security topics.
Further details:
• Solid understanding of the current IT security threat landscape and countermeasures
• Experience with MS 365 security administration, MS Azure management and hardening
• Good understanding of MS security landscape
• Extensive knowledge of contemporary IT security concepts, solutions and tools
• Experience in data protection and data privacy considerations in implementing various IT or IT security solutions
• Extensive knowledge of cloud security, M365 security, multi-factor authentication approaches, threat and vulnerability management, deception, and/or threat intelligence technologies
• Extensive knowledge of and experience with computer systems administration, computer networks, virtualisation technologies, programming
• Service delivery management experience (vendor management, reporting, relationship management, etc.) at a relatively senior level
• Project management experience
• Experience in evaluating IT security controls of various candidate providers
• Experience in internal control framework documentation reviews and attestations
• Experience in conducting failover tests of data centres
• Experience in conducting cyber exercise simulations or updating cyber incident response plans
• Ability to independently undertake assigned tasks or manage smaller projects with minimal intervention from supervisor
• Very good verbal and written English communication skills, other language skills are beneficial.
For further information regarding this role, please don’t hesitate to apply.