Beschreibung
For our customer in Cologne, we are currently looking for a Solution Architect for Security Incident Management.Start: ASAP
End: 31.12.2019 (with option to extend)
Volume: 5 days
Location: Cologne
Languages: English, German is N2H
The customer needs support in setting up Security response processes, especially for structuring the security incident and service request process. The customer is currently in a green-field situation without implemented tools and processes other than Email, SharePoint and phone. A target ITIL tool has been selected (TOPdesk).
Background:
The company has about 4.000 end-users globally which use a signifcant number of cloud-based IT services. There is a global and local IT organisation in place that will collaborate with the IT security function to identify, analyse and mitigate security incidents and security service requests (e.g. review and approval of admin rights, firewall changes, training). The role of the sought consultant is designing and setting-up Security response processes end-to-end, from end-user via the IT organization to the respective IT service provider. This is also related to the design of the processes in supportive tools. First of all, the process must be designed that covers all the company's requirements for security response management. Process design must include that the support of analysis is a key part of any security related incident notification and request for a service. The incident process has to be investigated (e.g. where does the attack come from, etc). Some parts of the resulting processes are supported by tools, others by external vendors. A reporting process and template must be defined and implemented.
Tasks:
- Security response processes need to be designed and implemented. Some of them are very complex, involving several resolver groups and functions
- The processes must be designed to cover all of the company's requirements for security incident management
- Manage processes in Incident Management
- Collaboration with IT and their roles within IT incident and IT service request processes
- Designing security Incident response workflows and processes
- Developing and maintaining security incident response playbooks
- Ensures Information Security Team is prepared to drive incident response
- Defining metrics and reporting on security incidents / service requests
- Defining communications in incident situations, defining escalations
- Coordinating roles, responsibilities and activities with corporate crisis / incident management team
Skills:
-Academic degree
-very good knowledge of incident management
-good process design knowledge
-good architecture knowledge
-good security experiences
-very good understanding of the processes
-very good methodical and analytical approach
-Good understanding of the data needed for the analysis
-very good understanding of the processes behind a security incident (e.g. interfacing resolver groups)
-Project experience in companies with existing IT security
N2H
-ServiceNow knowledge
-ITIL certification
-TOPdesk experience
Malte Meilenbrock
Michael Bailey Associates
Recruiter
T:
Michael Bailey International is acting as an Employment Business in relation to this vacancy.