Job ResponsibilityJob Description
o Security Operations Management
o Service Manager for the security supplier for the Security Operations Center
o Define and monitor improvement plan for Security Operations processes, which includes:
o Improvement of detection of security incidents by reduction of false/positive rate
o Increase in effectiveness of runbooks in case of security incidents / crisis
o Create and maintain a database of Indicators of Compromise
o Create and maintain an operational and tactical cyber security dashboard
o Attend operational security meetings with suppliers
Results: Cyber Security Dashboard
o Security Incident Management
o Responsible for the global security incident management process (governance,
management / coordination of global security incidents)
o Monitor and follow up on global cyber security events and incidents.
o Align with problem management in improvement actions regarding of security incidents
o Monitor the implementation of the defined security controls
o Analyze and conduct audits with regard to the implementation of security controls and their
effectiveness
Results: Effective cyber security incident management process
o Communication
o Maintain an operation cyber security board with security stakeholders within C-ICT
o Communicate changes of security baselines, principles and guidelines internally as well as to
suppliers.
o Regularly communicate the updated security dashboard to stakeholders.
o Use visualizations to explain the vision, analysis of opportunities and risk, choice and
consequences
Results: Security Operations Board
o Runbooks, security baselines, principles and guidelines
o Define, review and operationalize runbooks, security baselines, principles and guidelines
o Monitor and test the effectiveness of security runbooks
Results: Security Runbooks
o Threat and Vulnerability Management
o Set up and maintain an operational threat and vulnerability management system that adhere
to the defined vulnerability and patch management standards.
o Perform regular risk assessments in alignment with IT service departments and make risks
and security improvement actions actionable to the IT service owners.
o Supervise actions in case services / projects or information is at risk or when threats warrant
it
o Identify trends relating to (potential) security breaches, current security risks and incidents
o Assess developments and trends for the organization and inform and advise management
on these developments
Candidate Qualifications:
??You are customer focused and can act with speed and decisiveness to achieve the best
results.
??You take responsibility for your work and are continuously looking for new opportunities to
make a change.
??Proactive, intervenes as appropriate and able to effectively collaborate with multiple
stakeholders to implement solutions that safeguard the IT systems.
??Broad knowledge of IT security and solid hands-on experience in implementing various IT
security technologies, particularly Microsoft solutions, to secure a complex end user
computing operation.
??Degree in Computer Science / Information Technology or its equivalent. Recognized IT
security certification is preferred.
??Minimum 5 years of experience in IT Security with sound technical knowledge on Microsoft
solutions such as authentication and authorization, AV, APT, MFA, PKI, DLP, Encryption,
etc.
??Professional certification in IT Security or Forensic preferred - e.g.
CISM/CISSP/CEH/CFCE/CHFI/GCIH/GCFA or GCIA etc.
??Knowledge and experience of world class IT Security methods and best practice
??Familiar with use forensic tools and investigative methods to find specific electronic data, and
provision with technical skills
??Expertise in hacking and intrusion techniques and prior experience with security testing and
computer system diagnostics
??Experience of working in a complex geographical/functional matrix organization
??Skills in relationship management and influencing at all levels of the organization
??Extensive experience in IT related positions, with experience in managing teams and
technical experts
??Knowledge and understanding on networking (LAN/WAN) and cloud services (Azure, AWS
and O365) is preferred.
??Knowledge and application of IT security standards, security control frameworks and risk
management techniques.
Job RequirementsJob Benifits
