7+ years of proven experience with information and IT security is required.
Proven experience with business projects for IT Security consultancy, support, review and assessments
Resource is asked to be available for 4 days (32 hours) per week for almost a year, starting from 1st of March 2023. (or latest 13th of March 2023)
Strong communication skills as necessary for the management of the stakeholders within the projects involved.
Advanced level of spoken and written English is a must.
Requirements
Proof of competence through a current certification in the area IT security (CISSP, other technical certifications)
Primarily;
Proven experience in the creation of IT security concepts and performing risk analyzes according to ISO27001
Experience in the performing IT security architecture assessments
Experience in Infrastructure security, such as network security, multi layered defensive security, infrastructure security by design, end point security and know how about tools like Firewalls, Proxies, anti-malware concepts etc.
Experience in application security and related concepts, such as but not limited to; OWASP, web application security principles, securing REST interfaces and APIs, different authentication and authorization concepts.
Preferably experience in Cloud Security, especially for Microsoft Azure.
Technical Skills:
Who should be having a technical background in IT Security
Who has adequate level of know-how on all (ISO) domains so that he/she could select relevant controls applicable to the project scope and do perform security and compliance reviews for the projects.
Who has worked on assessing and handling the information security for the suppliers/3rd parties who are providing services or processing
Who could perform Threat Modelling Assessments towards System architecture, e.g. using MS