Operational Information Security Specialist (ECM/ERP)
Posted on Aug 24, 2021 by Harvey Nash IT Recruitment Netherlands
For TenneT in Arnhem is Harvey Nash searching for an Operational Information Security Specialist (ECM/ERP)
Startdate: ASAP (latest start date: 01-10-2021)
Duration: 14 months+
Effort: 40 hours a week
Job Location: Arnhem or Bayreuth
Resumé and motivation in English
About the Job:
In the field of information security, providing support for Functional Management and Application Management for Generic-IT ERP or ECM applications in the context of projects, change initiatives and daily maintenance & control activities, such as;
- Prepare, support, implement and provide follow-up of;
o Data Classification Assessments;
o Information Security Requirements Assessments;
o Penetration and attack tests;
o Vulnerability scans.
All this in alignment with the responsible Service- and Functional Managers.
- Implement and maintain data access controls and the periodic testing of the effectiveness of these controls.
- Assist the process of detecting, logging, assessing and managing the follow-up of Security Related Events or Security Related Incidents regarding the WBNI en GDPR.
- Periodic verification of Audit Logging for anomalies and reporting on security posture of the ERP or ECM services.
- Maintaining close cooperation with the internal customer departments (Business) by;
o Creating awareness and promoting information security and privacy protection.
o Providing support to key-users in the operationalisation and realisation of compliance with the information security policy.o Create and maintain user documentation of the information security controls.
- Support in ISO27001 audits and the processing of audit findings .
- Create Security Waivers and submit it to the service management for decision, together with an advice on follow-up.
- Experience in the area of data protection is a plus. Prepare, assist and contribute to Data Protection Impact Assessments in order to identify the risks associated with the processing of Personal Identifiable Information.
What experience do you have?
- Several years of professional experience in the field of Information security/cybersecurity.
- Professional experience in the analysis and evaluation of Information security risks and knowledge of security-relevant methods and standards such as ISO27000 et seq.
- Knowledge of service management processes according to ITIL, in particular for information security management.
- Knowledge of the nature of Information security risks regarding cloud services.
- A recognized information security certification is required (eg CISM).
- an independent and analytical approach and a high level of communication skills
- Willingness to travel to different TenneT locations in Germany and the Netherlands
- Excellent command of the English languages both verbally and in writing. The same in German or Dutch is an advantage.
Vocational studies-College (MBO), Bachelor