ICT Security Operation Centre Officer
Our client has identified a need to set up a Security Operation Centre whose aim is to streamline and centralize operational tasks related to (cyber) security. Within this context, the need for an external resource has been identified to work on various tasks related to the operational aspects of a Security Operation Centre.
Mission Description:
The mission comprises the following practical tasks & deliverables:
1. fulfilling security-related operational tasks (possibly centralizing activities currently done within Operational teams):
o security policies implementation advice (e.g. hardening & patching, …)
o analysis of operational teams' requests on firewall rules and giving a Go/NoGo following the relevant security policies
o Authorization cards management in conjunction with Business (e.g. managing the roles defined in the Identity Access Management (IAM) platform, providing reports, etc.)
2. screening & analysis of reports related to security
3. Operational role in detecting, reporting and resolving incidents following a cyber incident notification or following his/her own detection, up to participation in the ICT Crisis Plan should this be activated
4. helping the Security Officer to define reports related to security
The person suited to perform this mission should be competent and experienced in the general domain of ICT security.
The required hard skills, in descending order of importance, are as follows:
1. A minimum of 4 years’ experience in an ICT environment in a responsible role (e.g. network engineer or system administrator).
2. Documentation management & reporting definitions
3. ICT vulnerability, anti-malware and security patching subjects.
4. Security within the following ICT domains:
o Systems: Windows (PCs & Servers), HP Unix & Linux servers, standalone & virtualised
o Storage: SAN & LAN based storage
o Network: Cisco 2/2
o DB: Oracle & MS SQL
• Microsoft Office & typical enterprise applications
• Industrial control systems
• Microsoft Framework developed (.Net) applications
The following soft skills are considered, in descending order of importance:
1. Meticulous in the screening of reports, alert and prompt to report incidents
2. Assertive communication skills in order to involve the impacted business and technical stakeholders correctly.
3. Ability to react properly under stress (e.g. following a cyber incident notification or following their own detection)
• The consultant must be able to communicate, both orally and in writing, in Dutch and/or French. English will be used for documentation.
• Given more than one proposed candidate with a similar level of competence (see above), a trilingual consultant will be preferred over a bi- or monolingual consultant.