Your Role Being a member of the Uni.lu security operations team you will be working closely with the Chief Information Security Officer to develop and implement a comprehensive information security program.
This includes defining security policies, processes and standards.
As security analyst you will work with the rest of the IT department to select and deploy technical controls to meet specific security requirements, and define processes and standards to ensure that security configurations are maintained.
This job includes the following responsibilities, but are not limited to Work with all stakeholders to identify security requirements, using methods that may include risk and business impact assessments.
Components of this activity include but are not limited to : Business system analysis Communication, facilitation and consensus building Assist in the coordination and completion of information security operations documentation Work with the CISO to develop strategies and plans to enforce security requirements and address identified risks Play an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned Collaborate on critical IT projects to ensure that security issues are addressed throughout the project life cycle Work In cooperation with other teams of the IT department and members of the information security team to identify, select and implement technical controls Develop security processes and procedures, and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained Advise security administrators on normal and exception-based processing of security authorization requests Research, evaluate and recommend information-security-related Hardware and software, including developing business cases for security investments Contribute to different activities such as for examples : participation in Penetration Testing and Vulnerability Assessments, definition and Implementation of Controls, Incident Detection and Response, Information Security Architecture definition Your Profile Educational Qualifications Minimum of five years' IT or network security experience Bachelor's degree in information systems or equivalent work experience Certification related to information security are considered as a plus Technical Competency In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls Knowledge of and experience in developing, executing and documenting security architecture and plans Experience with common information security management frameworks, such ISO 2700X and the ITIL, COBIT and National Institute of Standards and Technology (NIST) framework are considered as a plus In-depth knowledge of risk assessment methods and technologies Proficiency in performing risk, business impact, control and vulnerability assessments Excellent technical knowledge of mainstream operating systems (Windows, Linux, Mac OS X) and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, Anti-Malware solutions, automated policy compliance tools, and desktop security tools Experience in developing, documenting and maintaining security policies, processes, procedures and standards Knowledge of network infrastructure, including routers, switches, Firewalls, and the associated network protocols and concepts Audit, compliance or governance experience is preferred Occupational Personality Strong analytical skills to analyze security requirements and relate them to appropriate security control Ability to interact with lu's personnel at all levels and across all business units and organizations, and to comprehend business imperatives Strong written and verbal communication skill in English;
knowledge of German, French or Luxembourgish is a strong asset A strong customer / client focus, with the ability to manage expectations appropriately, to provide a superior customer / client experience and build long-term relationships