Beschreibung
For our global client in Basel we are searching for a Security Risk Assessment Contract Consultant.
The Job:
- Performing security risk assessments for information and IT assets (applications, infrastructure, web apps, cloud platforms, mobile apps etc)
- Liaise with system and application owners to schedule, agree scope and assess their systems and follow-up on recommended controls.
- Support system, application and data owners to determine criticality of their assets.
- Contribute to reviews of the assessment methodology.
We are looking for candidates with:
- Experience with performing security risk assessments on information systems and data assets (Minimum 5 years)
- Experience with recommending/implementing security controls (eg SANS/CIS top 20, ISO 2700x) to protect the confidentiality, integrity and availability of information and systems and validating their implementation (Minimum 5 years)
- Strong understanding of IT infrastructure and application architecture
- Familiar with security threat models for COTS, internally developed, mobile, cloud and web applications (eg OWASP, STRIDE)
- Experience with following up on recommendations and issues related to those recommendations (Minimum 5 years)
- Excellent written and spoken communication skills in English
- Methodological/systematic
- Can work within tight timelines
- Can work independently to complete tasks
- Certification in security-related disciplines and technologies would be an advantage (accreditation such as CISSP, CISA, CISM, CRISC).
- Exposure to banking environment (preferable)
- Knowledge of application security testing and penetration testing (optional)
We look forward to receiving your CV in English.