VonConsulting.ro - 10 ani de Recrutare si Oursourcing IT
  • Acasa
  • Despre Noi
  • Serviciiarrow_drop_down
    • Recrutare
    • Outsourcing
    • Personal Temporar
    • Consultanta
  • Oportunitati in Cariera
  • Contact
  • arrow_drop_down
  • ro
  • en
  • de

Security Champion – (Project Security Advocate & Coordinator)

ID: von_26119773
Full time
Bucharest (or remote)
Middle, Senior
21-02-2023
Security Champions work collaboratively on products and services within the DevSecOps Teams, supporting the Team to deliver secure products and services as well as to deliver the outputs as set by the business. They are involved in the iterative development of products and services during sprints and in all sprint activities e.g. sprint planning, daily stand-ups, sprint reviews and retrospectives.
Profil Angajator

Technology center of a multinational telecom company.

Responsabilități

 

  •     Control and tracking of IT security measures within cloud environments.
  •     Examination of security requirements within the demand process for corporate and technical security.
  •     Protection of physical and intellectual assets, i.e. ensurrance that proper security and safety measures are in place.
  •     Evaluation of audit and vulnerability findings including risk assessment

As part of these activities, Security Champions ensure that appropriate measures are taken to check compliance with an adequate level of security in company’s processes, products and services. They ensure that identified risks and weak points are identified and dealt with.

 

Security Champions:

  • Advocate and follow Security Policies and Standards but are not Security experts.
  • Are the Security SPOC for their Team.
  • Coach their team about company/group Security policy.
  • Ensure, consider and implement Security in all Team activities including sprint planning, daily stand-ups, sprint reviews and retrospectives.
  • Report Security Risks and Incidents to the NCIS Security Chapter Lead.
  • Contribute to a set of Security-specific user stories and must engage with the Product Owner to add Security user stories into their Team’s product and service backlog.
  • Work with the Product Owner to track, monitor and advise on the prioritization of Security user stories.
  • Work to find the right balance between ensuring that Security user stories are prioritized for the Team and that the Team can prioritize other user stories as and when required.
  • Works with the NCIS Security Chapter Lead to identify risks in the Teams and inform the Risk Owner and the NCIS Security Chapter Lead of any potential Security risk. They suggest mitigation strategies for any Security issues that arise in the Teams.
  • Inform and update their Teams about changes or updates to company Security Policies and Standards e.g. guidelines, blueprints, architectural patterns and software development.
  • Inform the NCIS Security Chapter Lead about how any documentation, designs or patterns provided by Global Cyber Security could be adapted to suit local patterns.
Cerințe
  •     Comprehensive understanding of cloud IT security components.
  •     Experience with IT security standards or best practices.
  •     Good written and spoken English knowledge.

Soft Skills:

  •     High communication and social skills.
  •     Analytical and organizational skills.
  •     Confident demeanor and assertiveness.
  •     Autonomous, diligent and solution-oriented working.
  •     Willingness for regular further training.

 

Nice to have: (at least 2 of the following would represent a great advantage)

  • Previous experience related to security in cloud environments or cloud migrations.
  • Experience in Risk Management & Consulting.
  • Good understanding of DevSecOps environment (especially CI/CD, SAST, DAST)
  • Gook knowledge about Cybersecurity concepts, tools and processes (including: IPS/IDS, Risk assessment, Vulnerability Scanning/Management/Mitigation, etc.)
  • Knowledge about various cloud services/platforms ( e.g. IaaS, PasS, AWS, etc.)

 

Aplică cu CV
close
  • Max. file size: 50 MB.
  • Hidden
  • This field is for validation purposes and should be left unchanged.
  • Joburi Similare
    • Transmission Network Design and Delivery Coordinator…
    • IT Project Manager
    • Senior IT Security Officer
    • Security Expert – TV Services –…
    • Cloud Security Compliance Expert
  • Joburi Recent Adaugate
    • System Engineering Expert NSX
    • Senior Privacy Operations Specialist
    • Front-end Software Developer
    • R&D IT LAB Service Delivery Manager
    • IP Network Operation Engineer
  • Articole Recente
    • System Engineering Expert NSX
    • How About Becoming a Back-End Developer?
    • The Fanciest Job in Software Engineering?… Yet the Most Sought For?
    • Manifesto for Agile Software Development
    • Behind the Scenes of An IT Recruiter’s Life
© 2023 - VonConsulting.
  • Termeni si Conditii
  • Confidentialitate
Manage Cookie Preferences
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
Preferences
{title} {title} {title}