IT Security Consultant – Security Architect
How will you make a difference?
As a security architect, you improve the security of our clients’ businesses. Using your creative technical skills, you provide original solutions to problems they have (and don’t even know they have).
Our clients will come to you for security advice whenever they make changes in the network, system or application architecture. You will be the one to assess the security risks of these changes and you define how the final solution should be built and which requirements it should fulfill.
Who are we looking for?
• You are a security engineer with a few years of experience in ICT Security. You are ready for your next move and want to take some distance from bits, bytes and CLI consoles. You want to have a broader view of things, be a more accomplished consultant.
• Yes, you are ready to become a Security Architect!
• You are ambitious, have a passion for security, want to learn more, more and more.. But you need context and guidance. We will help with that.
• You are flexible, motivated and loyal. You are analytical, structured and responsible.
• You consider pizza to be brain food.
What do we offer?
At Toreon, we are all about people (and their brains). We help our team members to develop themselves to be better experts, better professionals and better team players.
We are dedicated to sharing and expanding knowledge. We work hard and play hard. Although we maintain a fun filled culture at the office, we are very serious about our clients’ needs.
• You get a big training budget.
• You get all the usual: car, PC/MAC, phone.
Our way of working is a team approach. You are always part of a Toreon team working at our clients. You work with senior and junior people with different backgrounds. This will help you to learn from the best and become a better rounded consultant.
As an organisation, we are always trying to organise ourselves better. But we are a young company. You are expected to do your part in making us all better.
Show us your sense of responsibility and we will allow for a very flexible job that fits your personal and family’s needs.
What do we expect of you?
We are not a 9 to 5 company. You are expected to be flexible in your work and your time management.
You provide consulting to our clients and will work around their schedules. In return, we will be flexible towards your needs.
At our clients, you will be the Security Architect on ICT projects:
• Security and architecture is not your job, it’s your passion!
• You are eager to learn about security architecture frameworks and explain it to your colleagues.
• You perform risk analyses to provide the people in charge with precious insights.
• You design security solutions to reduce align on acceptable risks.
• You judge security measures and give advice.
• You support operational security processes, such as:
– Monitoring security events to detect incidents
– Incident handling
– Monitoring correct execution of user and access management
– Managing crypto keys and certificates
• You participate in BCP/DRP activities (did you really have to look that up?)
• You guide security assessments and do the follow-up
• You develop and improve tools and templates to support all of these tasks
At the office, you will make coffee, get sandwiches, fill the dishwasher and take the garbage out (but so do we).
Expected knowledge and experience
• Good knowledge of ICT systems, networks and security technologies
• Knowledge of ISO 27001 security framework
• Relevant master degree or equivalent
• Minimum 2 years of experience in ICT security engineering or consulting
• Excellent communication (=social, soft) skills
• Good writing and presentation skills (Dutch, English, French)
• You are a team player, but are also able to work independently and to deliver results
• High level of personal integrity, with the ability to handle confidential information in a professional way
• Able to withstand background check in order to attain ‘BE Secret’ clearance and FANC nuclear clearance (aka you are not a terrorist)
Nice to haves:
• Knowledge of application development and application security
• Knowledge of risk assessment methods
• CISSP/CISM training and/or certification