Security Analyst/Consultant

Location: Belgium/Hybrid

Position Type: Contract/Freelance

Company: Stott and May

About Us: At Stott and May, we take information security and cybersecurity seriously. We are looking for a dedicated Security Consultant/Analyst to join our team. In this role, you will play a pivotal role in enhancing our security measures, ensuring compliance with regulations, and safeguarding our organization's data and systems.

Job Description:

Information Security Focus Area:

• Develop Information Security Roadmaps and Standards: Collaborate with stakeholders to assist in the development of Information Security roadmaps, plans, and standards that align with the organization's goals and objectives.

• Contribute to Security Policy Formulation: Play a key role in formulating and refining the organization's security policy, ensuring it addresses emerging threats and industry best practices.

• Security Reviews and Compliance: Conduct regular security reviews to assess compliance with Information Security standards and policies, identifying gaps and recommending improvements.

• IT Risk Assessment: Evaluate IT risks, threats, and potential consequences to enhance security measures, ensuring proactive risk management.

• Comprehensive Security Plans: Develop comprehensive plans for the prevention, detection, correction, and remediation of security incidents and vulnerabilities.

• Education and Awareness: Educate and raise awareness among senior management and all organization members about the importance of Information Security and best practices.

• Policy and Regulation Compliance: Continuously assess and ensure compliance with Information Security policies, regulations, and legislation relevant to our industry.

• Third-Party Security: Evaluate compliance with third-party and external partner security requirements, ensuring the security of shared data and resources.

• Review of Recommendations: Review the implementation of previous security recommendations and corrective actions, tracking progress and effectiveness.

Cybersecurity Focus Area:

• Incident Monitoring and Investigation: Monitor alerts within Microsoft Sentinel and promptly investigate cybersecurity incidents, taking necessary actions to mitigate threats.

• Analytics Rule Development: Develop new Analytics Rules using Kusto Query Language (KQL) in Sentinel to enhance threat detection capabilities.

• Playbook Implementation: Implement playbooks in Sentinel for automated alert processing, improving incident response efficiency.

• Data Loss Prevention (DLP): Maintain and monitor Data Loss Prevention (DLP) policies to prevent unauthorized data disclosure.

• Azure Information Protection (AIP): Oversee and manage Azure Information Protection (AIP) policies to safeguard sensitive data.

• Infrastructure as Code (IaC): Create pipelines in Azure DevOps to deploy resources in Azure using Infrastructure as Code (IaC) tools like Bicep or Terraform, ensuring secure and compliant deployments.

Qualifications:

• Bachelor's degree in Information Security, Cybersecurity, or a related field (or equivalent work experience).

• Strong knowledge of Information Security and Cybersecurity principles, standards, and best practices.

• Proficiency in Microsoft Sentinel and Kusto Query Language (KQL) for threat detection and incident investigation.

• Experience with Data Loss Prevention (DLP) and Azure Information Protection (AIP) is a plus.

• Familiarity with Infrastructure as Code (IaC) tools like Bicep or Terraform.

• Excellent communication and collaboration skills.

• Relevant certifications such as CISSP, CISM, or CompTIA Security+ are a plus
  EU National with Possibility to obtain EU Security Clearence

Note: Only shortlisted candidates will be contacted for interviews. Thank you for considering a Contract with Stott and May!