Information Security Expert Hardening & DevSecOps

Large financial organization
  • Amstelveen Groenelaan 2 (CCA-Z), 1186 AA
  • Detachering
  • HBO, WO
  • 40 uur
  • Thuiswerken mogelijk
David Roelofs avatar
David Roelofs senior recruitment consultant

As a Security Expert (in Hardening & DevSecOps) you are performing hardening checks and subsequent risk assessments on assets of this bank. You will also be involved in securing DevOps assets (for example CICD pipelines). Your knowledge and experience will contribute to improving the overall security posture of the bank by helping development teams to bring security by design in their day-to-day work.

As a Security Expert you stay well informed on the latest developments in the field of technology and threats and you actively share this knowledge with your colleagues. You help solving security-related questions, take initiative and escalate in time if needed. You signal improvements related to the way of working inside the team and you contribute to improving the maturity and coverage of our service offerings. 

With the following results:

You are responsible for helping teams with the hardening of their assets. You will work as part of the hardening program and perform regularly scheduled checks to support compliance and also assist with the triage of new deviations. You will perform risk analyses for the deviations and report on findings. Next to this, you will be working in securing the DevOps assets within the bank. Similar to the hardening program, you will be performing regular checks on certain assets and will also be responsible for building security requirements. 

Relevant knowledge skills & competences:

Required skills: 

  • Approximately 2 - 5 years of relevant work experience in information security domain 
  • Experience with hardening standards (for example CIS) 
  • Knowledge about general hardening practices in regards to: operating systems (Linux, Windows), databases, network components, etc.  
  • Understanding of system architecture and design principles 
  • Knowledge about cloud security 
  • Knowledge of DevSecOps and related technologies 
  • Experience performing threat and/or risk assessments 
  • Willingness to learn and experiment 
  • Ability to translate technical requirements to business requirements 
  • You are fluent (verbal and in writing) in English 

Nice-to-have skills: 

  • Knowledge of containers and related technologies (for example Docker/Kubernetes) 
  • Working experience with PowerBI  
  • You possess a number of relevant certifications like CISSP, cloud security certifications, etc. 
  • Exposure to banking, or equivalent highly controlled technology environment is preferred 
  • You are fluent (verbal and in writing) in Dutch 

Solliciteren

Inclusiviteit en diversiteit

Uiteraard staat deze vacature open voor iedereen die zich hierin herkent. We geloven dat diverse teams van belang zijn voor ons als lerende organisatie, die voorop wil blijven lopen in de wereld van werk. Want juist verschillen tussen mensen zorgen voor groei. Van collega's, klanten, kandidaten en daarmee van Yacht. Heb jij een uniek talent? We ontmoeten je graag.

David Roelofs avatar
David Roelofs senior recruitment consultant

Vragen?

recruiter David Roelofs

David Roelofs

senior recruitment consultant

Het sollicitatieproces

1  van 5

Je sollicitatie en cv worden doorgenomen door David Roelofs

2  van 5

Binnen 5 werkdagen ontvang je een reactie

3  van 5

Is er een match, dan plannen we een persoonlijke kennismaking

We onderzoeken samen jouw ambitie en mogelijkheden

4  van 5

Daarna word je (eventueel) voorgesteld bij onze opdrachtgever

Wanneer de klik er is, ga je starten bij je nieuwe uitdaging!

5  van 5

Afhankelijk van het soort dienstverband (interim, zzp of vast), ontvang je van ons een aanbod