As a Security Expert (in Hardening & DevSecOps) you are performing hardening checks and subsequent risk assessments on assets of this bank. You will also be involved in securing DevOps assets (for example CICD pipelines). Your knowledge and experience will contribute to improving the overall security posture of the bank by helping development teams to bring security by design in their day-to-day work.
As a Security Expert you stay well informed on the latest developments in the field of technology and threats and you actively share this knowledge with your colleagues. You help solving security-related questions, take initiative and escalate in time if needed. You signal improvements related to the way of working inside the team and you contribute to improving the maturity and coverage of our service offerings.
With the following results:
You are responsible for helping teams with the hardening of their assets. You will work as part of the hardening program and perform regularly scheduled checks to support compliance and also assist with the triage of new deviations. You will perform risk analyses for the deviations and report on findings. Next to this, you will be working in securing the DevOps assets within the bank. Similar to the hardening program, you will be performing regular checks on certain assets and will also be responsible for building security requirements.
Relevant knowledge skills & competences:
- Approximately 2 - 5 years of relevant work experience in information security domain
- Experience with hardening standards (for example CIS)
- Knowledge about general hardening practices in regards to: operating systems (Linux, Windows), databases, network components, etc.
- Understanding of system architecture and design principles
- Knowledge about cloud security
- Knowledge of DevSecOps and related technologies
- Experience performing threat and/or risk assessments
- Willingness to learn and experiment
- Ability to translate technical requirements to business requirements
- You are fluent (verbal and in writing) in English
- Knowledge of containers and related technologies (for example Docker/Kubernetes)
- Working experience with PowerBI
- You possess a number of relevant certifications like CISSP, cloud security certifications, etc.
- Exposure to banking, or equivalent highly controlled technology environment is preferred
- You are fluent (verbal and in writing) in Dutch
Inclusiviteit en diversiteit
Uiteraard staat deze vacature open voor iedereen die zich hierin herkent. We geloven dat diverse teams van belang zijn voor ons als lerende organisatie, die voorop wil blijven lopen in de wereld van werk. Want juist verschillen tussen mensen zorgen voor groei. Van collega's, klanten, kandidaten en daarmee van Yacht. Heb jij een uniek talent? We ontmoeten je graag.