Beschreibung
Unser Unternehmen ist ein strategisches Beratungsunternehmen mit Fokus auf den Energie- und Versorgungssektor dessen Dienstleistungsschwerpunkte auf die Bereiche Business Intelligence- Lösungen sowie Prozess- und Projektmanagement gerichtet ist.Für ein remote Projekt in Düsseldorf suchen wir ab sofort
2x Networks Engineering Consultant (m/w/d) Security and Firewalls ID34068
Laufzeit: asap – 31.12.21
Verfügbarkeit: 100%
Volumen : 920 remote Std./pro Berater (40 Std./Wo.remote)
Projektstandort: Remote
Project description: The project is covering the migration of business systems from On-prem to Cloud. Within this a security review is required for every system being migrated. This includes application or conversion to virtualized cloud landscapes in Microsoft Azure Cloud. Every business unit affected by this migration has dedicated teams to support the preparations. The aim of the project is to ensure every system migrated is properly vetted and as secure by default and tested.
Task description
- Analyze security concepts provided by the business project teams in order to identify outdated technology, gaps and insufficiencies. Present the results accordingly including professional consulting about how to meet security standards along with corresponding measures; sign off prior to requester to be able to submit FCRs (Firewall change request). Check if all requirements are fulfilled and advise the requester to submit the FCRs.
- Review security concepts (Q-gate) and technically consult business for release to the technical workstream for the implementation in accordance with the defined FCR process (Firewall change request). Approve / reject the requests in a workflow tool where the security concepts are filled in (workflow process).
- Steer the quality of the previously analyzed security concepts acts on a third level by checking the quality, technical requirements and information of the security concepts and technical requirements. Once quality is met, the business submits the security approval for implementation to the security officers. The quality standards are defined by the industry standards – ENISA, NIST or ISO 27001.
- Provide guidance to teams on how to resolve potential security flaws / findings on the submitted concept before approval so the requesting party can submit for final step approval. The guidance is based on elaborate test cases and in the later hypercare phase (pre-implementation) the guidance is based on industry best practices (defined in international standards) and information about the purpose of the request.
- Consult requesters on how to properly resolve issues identified on security concepts and how to get these successfully approved - the information is ingested via the application. If rejected by a security officer, review the information. In such cases, advise the business on how to correct the issues. This can be done by email, in virtual meetings via MS teams or phone. The progress will be visible on the amount of FCRs processed from the queue. Reduce the backlogs due to the overwhelming number of applications to the minimum (as much as possible) and get the FCRs in good quality for approval.
- Consult business requesters with regard to design, concept creation & implementation of network security aspects in the areas of
o Architecture design
o Architecture review
o Validate technical documentation according to best practices created by requesters
o Technically consult on finalizing design and architectural documents (write, review, edit)
- Manage escalation activities related to network security domain-related to the domain of network security. (Proxy, Network Segmentations Design and architecture questions, best practices principles according to industry, testing, understanding of frameworks provided by NIST, ISO27001, ENISA.) Technically consult the cyber defense team to adequately cope with security risks and issues and their mitigation. The process of escalations are handled fully by our customer security team.
The task requires knowledge of
- network security design and architecture
- knowledge of Proxy and firewall technologies and practices
- knowledge of cloud security
- handling of traffic within security zones
- penetration testing principles
- application testing principles
- vulnerability and patch management
- risk management principles
- security frameworks provided NIST, ISO27001, ENISA
Skills:
min. 5 years of working experience on network security and firewalls.
Knowledge on major firewall and network vendors.
Good communication skills. Once the necessary documentation is prepared by the business teams, these need to be reviewed by the security officers, most of these migrations require new network allocations, and specific network configurations (every application behavior is different) in order to provide the necessary know how, and consulting effort to resolve potential challenges. The network security expert reviews, assess, and consults the business teams on how to make their systems migration sound and security proof. Here the project requires a network security expert with sufficient experience on managing security concepts, understand network architecture, secure protocols and adequate use of ports. Further the network security expert is capable to understand the network traffic problems and advise on the production of a secure solution to the potential challenges. Guide and instruct the business teams in a non-technical language how they best solve the issue how properly describe it and document it for security approval. Additionally the network security expert has adequate vulnerability management experience (pent-tester background is a plus) as part of the security approval process the last step for approval is to perform a vulnerability assessment on the system to be migrated. Usually this step is performed later in the process, but has been decided to speed things up to move this step to be part of the security concept process step. If vulnerabilities might be detected, the network security expert should be capable to explain the business how they can best address and resolve the vulnerability. Systems that do not pass the vulnerability assessment will not be approved forward
Please submit Job profiles in English
Sprachanforderung: Englisch
Bewerbung und Kontakt:
Sollten wir Ihr Interesse geweckt haben, dann freuen wir uns auf die Übersendung Ihres aussagekräftigen Word Profils unter der Angabe Ihres Stundensatzes, EU-DSGVO Zustimmung und Verfügbarkeit an
Herzlichen Dank im Voraus und mit herzlichen Grüßen
Ihre C4 Group
Hinweis:
Ab Mai 2018 gilt die neue EU-DSGVO, damit wir Ihre Bewerbung berücksichtigen und Ihnen zukünftig weiterhin direkt Projekte aktiv vorstellen können, bestätigen Sie uns bitte einmal in Ihrer Bewerbung, dass wir Ihr Profil bei uns speichern dürfen.
Als Zustimmung bitte einfach copy&paste EU-DSGVO OK! in Ihre Bewerbung kopieren.
Mit dem Übersenden Ihres CVs im Rahmen Ihrer Bewerbung auf diesem Portal und/oder per Email erklären Sie sich damit einverstanden, dass wir Ihr Profil mit Ihren persönlichen Daten für unsere weitere Zusammenarbeit bei uns aufnehmen. Eine Weitergabe Ihrer Daten und Vorstellung bei unseren Kunden erfolgt selbstverständlich nur mit Ihrem Einverständnis und nach Rücksprache mit Ihnen.
Sollten Sie keine weiteren E-Mails und/oder die Löschung Ihrer Daten von uns wünschen, schreiben Sie eine E-Mail an mit dem Betreff "Abmelden". Wir respektieren Ihr Recht auf Privatsphaer Lesen Sie hierzu unsere Richtlinien unter c4-energy.com/Datenschutz.html. Unsere Stelle für Datenschutz erreichen Sie unter