IT Security engineer

Job Description:

The IT Security Engineer will be located in BICS Headquarters Brussels and will report to Corporate
Security.

As security SPOC inside key business projects you will be consulting and advice on practical
implementations and security measures taking into account both the established Security Policies and
guidelines and the business requirement.

You will interact with IT and Network engineering departments in order to identify the most optimal and
balanced solution which consolidates both security and project requirements. You seek consensus and are
able to find alternative solutions, mitigations if needed. You will verify, validate and approve the firewall
change request are in line with the agreed design.

You perform the necessary validation of the deliverables yourself, alternatively if needed, you will setup
and coordinate the execution of External PenTests in order to validate the Security of the project
deliverables prior to going into production. Pentest results will be analysed and translated by you into
recommendations. You have ability and skills to articulate and present your observations and
recommendations to Project Stakeholders as well as Senior Management. You will also identify and
quantify remaining residual risks using BICS’ Risk Management Framework.

You will be governing both exceptions & exemptions, and you will act as a contact for any ad-hoc security
consultations. As a member of Corporate Security Department you will also assist in the continuous
enhancement of the BICS Security Operations Center and the processes thereof.

Task description

Your most important challenges will be:

 The analysis of security aspects of business projects. Ensure the projects are provided with the
appropriate level of technical guidance to guarantee sufficient Security controls are implemented in
the different projects.
 Works with all units of the company to identify security requirements, using methods that include risk
and business impact assessments. Components of this activity include but are not limited to
communication, facilitation and consensus building.
 Ensure up-to-date security documentation is available.

In this role you will also be responsible for :

 Design and consult on solutions which achieve an optimal balance between Security and project
requirements
 Collaborate to security incident management response activities as well as the investigation of security
breaches.
 Undertake the development and maintenance Standard Security Requirements standard and checklist.
 Ensuring up-to-date security and project related documentation is available at all times.
Your Profile:

 You have a University Degree in Information Technology or equivalent experience.( or an equivalent

experience can be demonstrated (eg. Civil/Industrial Engineer, Licence in IT);
 Basic knowledge of the telecom sector and the applicable technologies;
 Practical knowledge of security systems and good knowledge of security solutions on the market
(eg. Firewall, DMZ, SSL/IPSec VPN, Proxy, Remote Access, PKI ...);
 Basic knowledge of general network environment (LAN, WAN, WiFi, routers, switches);
 Basic knowledge of network communication protocols (Ethernet, TCP/IP, MPLS);
 Good Application Penetration knowledge
(eg. XSS, buffer overflow, URL tampering, SQL Injection, dDoS, Botnet, ...);
 Preferably a University degree, 3 to 5 years’ experience in the Security domain (IT or Network domains
are also valuable);
 Technical knowledge of mainstream operating systems and a wide range of security technologies, such
as network security appliances, anti-malware solutions and desktop security tools;
 Knowledge of network infrastructure, including routers, switches, firewalls, and the associated
network protocols and concepts;
 Knowledge of and experience with identity and access management (IAM) principles, processes and
tools;
 Flexible and open for fast changes;
 Good presentation and communication skills;
 Team player;
 Understanding of operational methods and procedures;
 Flexible and open for fast changes.
 You are fluent in English.
 Knowledge of Dutch and/or French is a plus.