[INTERIM] security consultant

Function description

We are looking for an Information Security Consultant with experience in domains of ISO27001, Cyber Security, Audit, Risk Management and Compliance. A Consultant that can foster continuous improvement in the security state of this organization. Combination of knowledge on technology, processes and governance in order to improve the security state of this organization. Looking for a hands-on consultant to work in the GS Security Guild in the epics of SIEM, Vulnerability Management, Patch Management, LifeCycle Management and Security Testing.

Day to day activities

  • Educate squads on policies & procedures to ensure compliance to Information Security Standards 
  • Coordinate Vulnerability Scanning provider and alignment with team squads in order to eliminate the vulnerabilities 
  • Design and test reporting requirements in build tooling 
  • Analyse reports of vulnerabilities (Nessus output) and identify mitigating measures (create backlog stories) that should be executed by team squads 
  • Perform root cause analysis on missing patches, vulnerabilities and lifecycle issues. Propose sustainable and automated solutions to illuminate the root causes 
  • Create written and automated reports, detailing assessment findings, vulnerabilities, PTA and recommendations 
  • Coordinate penetration tests supplier and alignment with team squads from an insider threat perspective. 
  • Information security audits & QA activities
  • Analyse malware behaviour, network infection patterns and security incidents
  • Produced advisory reports regarding 0-day exploits and CVE vulnerabilities 
  • Perform Vulnerability Assessments challenges of assessments performed by supplier 
  • Provide training of team squads on Information Security and best practises 
  • Analyse Security Design documentation of team squads for applications and provide improvement suggestions

What the client requests

Required tooling knowledge

  • Vulnerability Assessment Tool Nessus
  • SIEM Tool HP Arcsight
  • Scanning tool static HP Fortify and Checkmarx
  • Penetration Testing Kali Linux

Generic Skills

  • Excellent verbal and oral communication skills (English)
  • Good demo and presentation skills
  • Team worker, ambitious and Can-Do mentality
  • (Corporate) Entrepreneurial spirit
  • Able to motivate the team squads to the next level of security maturity and performance
  • Able to create a positive attitude towards IS in meetings and demo sessions
  • Used to working on a global level with colleagues around the world from various cultural backgrounds
  • Used to Agile scrum way of working

Other

  • Available as soon as possible!
  • Assignment till end of year, possible extensions

Details

DienstverbandInterim
Uren per weekFull time
RegioAmsterdam
NiveauMedior
OpleidingsniveauHBO