Limbi vorbite

engleză

Adresa/adresele jobului


Position Description:

You will support the implementation of security controls with special focus on patch management advisories, vulnerability remediation advisories and vendor recommendation topics.

 

Knowledge required - mandatory:

·Windows Server / Unix / Windows Client OS / Network

·CVSS and other vulnerability management systems

·Principles in Security management

 

Activities to be covered:

·Manage vulnerabilities through SMT toolset

·Ensure upload of data from several sources

·Upload and update such baseline information manually where required

·Support identification of ownership 

·Run and support the distribution process

·Escalate where appropriate any non compliance

·Monitor Vendor patch management and Security Advisory Feeds

 

Responsibilities:

  • Attending Operational meetings on regular base

  • Driving delivery compliance to the standards

  • Identify and drive improvements for the areas to be covered

  • Support local CSO and head of security for customer-specific requests related to the supported infrastructure

  • Maintain and/or develop appropriate documentation, preferably online

  • Support processes within the security tower:

  • Support Exception & Deviation Management

  •  Report creation recurring or ad hoc

  •  Maintain all dashboard data and keep KPI data up to date

  •  Support governance activities

  •  Maintenance of documents and audit relevant processes

  •  Support Governance processes

  •  KPI, Dashboard and other report activities

     

    Personal development:

    This role is not a client facing role but with  a broad coverage of all aspects of security. It is expected that the individual is maintaining actively appropriate and up to date knowledge. Industry standard certifications are welcomed and supported but not a requirement to fulfill the positions expectations. Industry certifications could be any security related certification, including Cloud Security Alliance, ISC2 or ISACA certifications. Certifications or personal efforts must ensure knowledge about common industry standards including ISB7799, PCI and other standards. In Germany, the BSI standard and principles should be known.

     

    The role requires a substantial level of independent and proactive working habit, it is expected that the individual of this role is capable to understand the importance of the procedures and client visibility of the results. As such, improvement activities will play a major role within the scope of this position.