Excellent opportunity for IT Security engineer.
This position is part of the IT Security Team which is part of Central IT. Central IT is serving the whole XXX Company group (30 sites and 13000 employees) with central IT services.
The IT Security team has the following missions:
- Establishing and maintaining a centrally managed framework designed to protect confidentiality, integrity and availability of Company XXX information as well as the IT systems supporting it
- Maintain an information security management system (ISMS) which includes:
- Defining information security policies, standards and procedures
- Conducting continuous and annual information security risk assessment
- Implementing IT related controls that ensure data is adequately protected
- Ensuring that security incidents are properly managed and business continuity is promoted
- Implementing security awareness measures to enhance the security culture and develop a broad understanding of the requirements on Information Security
- Supporting information asset owners and managers in the definition and implementation of controls, processes, guidelines and supporting tools to comply with the policy
- Conducting information security assessments
- Reviewing and monitoring compliance with the policy statements and contributing to Internal Audit and Control processes
- Periodic reporting on security relevant topics to information security steering committee and relevant management
Primary Purpose; The IT Security Engineer is an all-rounder with subject matter expertise in a broad range of security areas such as: malware protection, network and system security as well as incident response. Key Accountabilities: Support a variety of IT security projects such as: - Rollout and upgrade of end point malware protection solutions - Participate in firewall roll out projects - Participate with other team members in operational security activities such as: - Tracking and monitoring of security compliance (patching, malware pattern updates, OS life-cycle, disk encryption, etc.) - Vulnerability scanning - Getting engaged in incident response activates with the team and our outsourced SOC - Engaging in firewall rule reviews, request approvals - Managing our incident reporting mailbox (reports on security issues, phishing attacks, etc.) - Assessing IT projects and vendors and helping them to consider security adequately - Participate with the team in various security awareness activities such as communication and training campaigns - Engage in a variety of activities to continuously improve the security measures and processes - Promote a safe working environment by being safety conscious at all times - Other duties as assigned