What do we expect from you?
- To perform a general security risk assessment for new projects or for changes to existing applications, infrastructure components or services.
- To ensure that the new projects (or changes to existing systems and platforms) are compliant with Proximus security policies and any security standards that Proximus has to comply with.
- To research and document the security risks raised by the new technologies introduced into the company in the IT, Telecommunications and Internet landscapes.
- To provide security requirements to be included in RFQ and RFP’s based on Proximus Security NFR’s and to evaluate vendor responses.
- To provide support to the end users, upon request, during the implementation of security requirements.
- Participate to the decision to launch new projects into production (steering committee meetings).
- Knowledge of ISO 27001.
- Good understanding of various security domains such as: IP network protocols and services, user authentication methods, encryption, voice technologies, wireless technologies, web applications. Knowledge and experience on cloud Azure, move to cloud and cloud-to-cloud is an advantage, and an added value.
- Very good knowledge of the security features offered by, and the security risks encountered in complex ICT environments.
- Ability to understand business products and processes in order to perform related security risk assessment.
- Good understanding of the main security products and tools such as: firewalls, intrusion detection and prevention, log file aggregators/analyzers, vulnerability assessment.
- Is able to explain security topics/issues to non-technical people and higher management.
- Is able to take decisions based on his analysis.
- Security-minded, learning agility, good negotiation and communication skills, autonomy, assertiveness.
Fluent in French and English with good knowledge of Dutch.