Cream Consulting - Cybersecurity Analyst
job description
What is a CyberSecurity Analyst at Cream?
Within the Infrastructure's practice together with Paul, embrace your role and be responsible for ensuring security of infrastructure or application technology through the implementation of security services, risk assessments, requirements setting and active participation in project delivery lifecycle, as well as ensuring adequate processes and procedures.
Your tasks
Define and submit security configuration and operations standards for security systems and applications, including policy assessment and compliance tools.
Develop and propose baseline security configurations for operating systems, applications, networking and communications equipment.
Perform technical security audits.
Perform log analysis and security monitoring.
Proactively work with our clients to deliver high-quality advice and assurance on management and/or technical challenges in the domain of CyberSecurity and IT risk.
Identify, analyse and transform CyberSecurity and IT risk-related issues into practical solutions, in view of the client's business agenda.
Communicate relevant CyberSecurity and IT risk issues and recommendations to internal and external stakeholders.
How do we imagine our future Consultant?
You have at least 5 years of relevant experience in IT security.
You have an advanced knowledge in security best practices references such as ISO 2700X, OWASP Guidelines...
You handle security risk management methods and tools, network protocols and application communications.
You have a good knowledge of the following security technologies:
SIEM, Firewalls, intrusion detection and prevention systems, security information and event management, identity and access management, remote access methods, wireless protocols and services.
You are able to work with autonomy while being also a great team player.
You are fluent in French and English;
a good knowledge of Dutch might be an asset for some projects.
Bonus
You have a good knowledge of Advanced Persistent Threat detection, data loss prevention, vulnerability analysis and mitigation, Public Key Infrastructure, communications and data encryption.
You have a good knowledge of backup and disaster recovery methodologies, business continuity planning and governance.
You have a certification in Information Security (CISSP, CISM, CISA, GIAC...)