Cyber and Information Security Officer

You will join the Solutions and Services team within the SNCB CISO organisation (Cyber and Information Security Office), a team consisting of technical specialists.

You assist in different cyber security projects and coordinate third parties to deliver parts of the security solutions required to protect the NMBS organization.

You perform the third level support of the incident response activity in collaboration with the SNCB CSIRT team, which includes root cause analysis, remediation and forensics.

You facilitate the necessary penetration tests to protect SNCB’s applications and infrastructure in collaboration with the business and third parties.

Solutions and Services

• Build IT projects and solutions, in line with CISO policy
• Build out and improve security solutions & services
• Set up and maintain the technical processes & standards
• Follow up of the remediating actions of the Vulnerability scans
• Organize Pentesting and follow up of the findings
• Define and check the use cases for Security Incident Event Management (SIEM)
• Participate actively in Incident Response
• Define Data Leakage Prevention rules and treat the events
• Validate IT projects (and changes) and solutions (Ypto, business) are built according to the requirements and standards of solutions and services

You will work closely with IT project managers and operational managers to identify or mitigate cyber security issues, with IT PMO to align with existing IT processes, with SNCB and Ypto Data Protection Officers to guard privacy and with IT Compliance Officers to align on risk.

Vereisten

We are looking for an all-round cyber security officer with a deep technical understanding of a wide range of security concepts.

• Bachelor degree or equivalent experience
• 3 to 10 years of relevant experience in cyber security
• Good knowledge of the OWASP top 10, testing guides and verification standards.
• Knowledge of red team blue team tactics
• Experience with penetration testing web/mobile applications, networks and systems
• Programming experience with Python and/or Front-end Angular/Html/CSS/Bootstrap
• Ability to query and manipulate databases using SQL
• Able to use Bash and PowerShell to automate tasks and administer machines
• Knowledge of SIEM (Sentinel), Forensics and Malware analysis
• Familiar with Azure cloud security concept
• Experience using and setting up ELK
• Hands-on experience with Linux distributions such as Ubuntu and Redhat
• General technical IT security knowledge such as encryption, PKI, OS hardening, vulnerability management, anti-virus, etc are a plus
• Spoken and written fluency in English; basic understanding of Dutch or French