Business Continuity & Information Security Specialist (m/f/n)

We are supporting a long-term project for a major EU public-sector organization, and we are currently looking for an experienced Business Continuity & Information Security Specialist. IMPORTANT: Please note that this job would require you to initiate the process of getting a Security Clearance certificate. We will be happy to give you more details during the interview. Network Infrastructure: ➢The LAN in the clients' buildings (approximately 80 buildings spread over Brussels, Luxembourg) ➢The connections between these buildings as WAN (MPLS technology) ➢Wifi Hotspots spread over the clients' buildings ➢Data Centre network services Network Security and Network Application Infrastructure: ➢The security perimeter consists in a multi-layer infrastructure of firewalls of different vendors. ➢The incoming and outgoing accesses with the external world pass through dedicated appliances working as proxies and reverse proxies. ➢DNS infrastructure and authentication servers are part of our domain of competences. Telephony and Videoconferencing Infrastructure ➢Only Non-end-user devices and specific end-user devices and interact to the classic telephony service ➢Large video studio, video conferencing room and personal video systems Network Intervention Services: ➢On-site intervention services including the technical room management ➢Storehouse and spare services Compliancy Infrastructure: ➢Definition and maintenance of processes including the associated tooling, metrics and KPIs ➢Reporting of metrics and KPIs Supporting Infrastructure: ➢Definition and maintenance of underlying infrastructures including the filesystems and the central computer platforms ➢Maintaining and develop automation tooling to ease use and increase reliability of the service Test and lab infrastructure: ➢Assist in defining test programs for design projects ➢Assist in automating test programs as regression testing and fault testing and allow for faster validation of design changes Requirements: •Education : BAC + 5 or more is an asset •Have at least 5 years of experience in the security services area •Have at least 3 years of experience in the domain of information security management •Preferably ISO 27XXX certified •Preferably ISO 223XX certified •Juniper SD WAN •Working knowledge, written and spoken, of English required. French desirable Skills required: •Very good technical knowledge and experience of at least 3 years in business/service continuity management for security domains (firewalls, proxies and reverse proxies, loadbalancer, remote access) •Solid documentation skills •Strong organisational and analytical skills •Strong interpersonal skills •Strong communication skills •Good knowledge of security policies and their application •Experience in audit on the development and deployment of Information management Information systems (ISMS) •Knowledge of regulatory/compliance requirements Activities: For this position, we are looking for 2 half-time. The first half-time with the role of Business continuity/Service manament Specialist (BCMS) and the second with the role of Information Security Management Specialist (ISMS) Role of Business continuity/Service management Specialist (BCMS) •Interface between the organisation and the Customer for the business continuity/service continuity aspects •Responsible of the BCP escalation inside the organisation for crisis management •Develop, maintain and improve the business continuity/service continuity policies •Develop the different BCP/DRP scenarios •Ensure that the Recovery Time Objectives (RTO) are respected and propose service improvement if it is not the case. •Risk management: Ensuring that risks identified and pertaining to the business/service continuity processes are addressed. •Develop adequate business continuity/service continuity documentation •Planning and leading BCP/DRP tests and ensure correct review of processes and documentation if needed after the tests •Audit of Business continuity/service continuity processes •Ensure compliance of the business/service continuity management are compliant with EC's corporate BCP policies •Train regularly the organisation and the customers to these Business continuity/service continuity processes •Collaborate in the BCP exercises •Analyse impact of other processes or other ITIL V3 phases on the BCP •Communication management/escalation management •Develop, Manage and monitor annual workplan in the domain of business continuity/service continuity management. Role of Information Security Management Specialist (ISMS) •Establish, implement and monitor an information security strategy to be adopted by the organisation, this strategy being derived from the Ec's information security strategy •Establish, implement and monitor information security policies for the organisation, based on the EC's standards and policies •Conduct risk management activities (Risk assessments, gap analysis, business impact analysis) to help the customer to reach an acceptable level of risk •Advise and make recommendations regarding appropriate technical security controls •Develop and manage the security incident management program within the organisation to ensure the prevention, detection, containment of security breaches •Vulnerability audits and mitigation procedures •Develop, monitor and report about appropriate metrics existing for the different deployed processes supporting the security policies in place •Educate and raise information security management awareness within the organisation •Analyse security compliance for customers' services and ensure correct adoption and adaptation of security policies into these services •Develop security plans for the different services managed by the customer •Develop, manage, and monitor the annual workplan in the domain of Information security management •Key liaison between the Ec's security directorates, the customer, the auditors for the Information security management activities •Write specifications for the development of the security policies supporting tools •Assess, test and select security policies supporting tools •Follow-up on the development and maintenance of the security policies supporting tools Location and Timing issues: •Project Business hours: 7H-19H => being able to regularly start between 8AM and 9AM Offer: •B2B contract •Rate up to 690 EUR/MD •Remote setup (The client may occasionally require on-site presence in the Luxembourg office) •Start: ASAP