Cyber Security IAM Designer

Job Title: Cyber Security IAM Designer
Contract Type: Contract
Location: Brussels
Salary: Negotiable
Start Date: ASAP
Reference: 69457-ITBEL-GAT_1494862367
Contact Name: Gaetan Tangton
Contact Email:
Job Published: May 15, 2017 16:32

Job Description

The successful candidate will join the Cyber Security Management - Security Projects and Services team which is part of the Corporate Technology division. The main responsibility for the Cyber Security Management team is to ensure that the technology infrastructure at the company protects corporate assets from unauthorised access, modification, disclosure and destruction. CSM SPS is the service owner of the logical security domain and infrastructure through the implementation of security services and infrastructure, risk assessments, requirements setting, and active participation in the project delivery lifecycle, as well as ensuring adequate processes and procedures for the security administration teams.

As part of the CSM SPS team, the main responsibilities for the candidate are;
- Advice technical teams on the control design, implementation and processes necessary to ensure and protect information systems assets.
- Perform risk assessments and define application and infrastructure-related security requirements for business and IT projects. Advises on high level security design of new applications and infrastructures to ensure secure operation within the environment.
- Perform security validation to ensure effective implementation of security controls.

- Defines, implement and ensures the proper functioning of security trust services within her/his security domain in line with IT security policies. Recommends and advises on new or improved security services to Cyber security Management

- Review the secure design and implementation of the internal and our partners Identity and Access management infrastructures and processes
- Review customer and internal access management, Federation services, Identity brokers, internal access management, Identity access governance, MFA authentication,...
- Ensure the adequate functioning of IAM security services
- Document security services, technical standards, policies and principles.

- Act as security subject matter expert in the IAM security domain and be the security point of contact for the business and project teams.

Your Profile:
The successful candidate must be a service oriented, organised and independent security professional with at least 5 years+ solid experience in the Identity and Access management security domain.

The candidate must be a team player who communicates in an open, respectful and constructive way with her/his customers and peers, both verbally and in writing. The candidate will take ownership and ensure that organisational quality standards are met.
The candidate must be a very good communicator in English, both verbal and written, and able to discuss and defend the security interests with individuals and groups of senior business people as well as deep technical IT experts.

The candidate must have proven experience in security risk assessments, development of functional security requirements, process design and management reporting. Experience in security design, architecture and project management is a strong advantage.

1) Sound security design principles, based on confidentiality, integrity and availability requirements and other ISO27002 security principles;
2) Identity and Access management: several years of experience in building up sufficient background knowledge with regard to Authentication and access controls, Directory services (Active Directory), MFA authentication, Federation services, authentication brokers…
3) Senior level knowledge and experience with Identity and access management technologies including IGA/IAM solutions like IIQ Sailpoint, Active directory, credential lifecycle management... Understanding IAM industry best practices.
4) Authentication and access controls Security services (Authentication and authorisation schemes, RBAC, ABAC, SSO, Risk based/Adaptive authentication, PKI...);
5) Application security knowledge is a plus;

Preferred professional certifications are CISSP, GIAC, ISO 27001 LA/LI. Specific Product certifications in the IAM domain are an asset.