Security Expert

  • Job category IT
  • Employment Fulltime
  • Reference number VAC-10021069
  • Location Heerlen
  • Contract type Secondment via YER, Interim/independent
  • Industry IT & Telecom

About this vacancy

DSM’s GbS Technology Services is overall responsible for the management and continuity of all IT services: workplace, network and application services. We aim to provide a wide range of Desirable, Reliable, Efficient and Cost-Effective Digital Services. We develop people who are passionate about delivering World Class services and solutions, so DSM can fully realize its ambitions in business and in society. As part of GbS Technology Services we are seeking to recruit: Security Expert

Job description

The Position

You will be integral to the development of DSM’s cyber, security and defense capabilities within our shared service organization (GbS-TS department). You are an in-house security services subject matter expert. You hold a vital role in our team – ensuring that all day-to-day activities are carried out within a controlled and compliant framework. You will also play a pivotal role in further developing security capabilities to protect DSM from increasing cyber threats, across IT, OT and R&D.

The key responsibilities in this position:

  • You are the subject matter expert on Firewall Assurance, Security Monitoring and Forensic Investigations and work collaboratively with our internal stakeholders and strategic IT partners to advise, design, build and implement pragmatic solutions that integrate cyber security
  • You have a broad knowledge on cyber security in general and can provide advisory and technical expertise to help DSM to design and deploy state of the art solutions, practices and operating models that are secure by design
  • Develop methods of intelligence collection for the purpose of creating intelligence reports
  • Collaborate with the CISO office, the Forensics team and DSM’s MSSP and other strategic IT partners on threat analyses activities, audits and compliance activities
  • Provide recommendations and actions for the SOC, the CISO, Security & Compliance, and other (business) stakeholders based on timely intelligence information
  • Provide the Cyber Security Operations Center and strategic IT Partners with contextual information to support identified security incidents
  • You have a solid understanding of the cyberthreat landscape (IT and OT), the business risks associated to these threats and the mitigating security controls that help an organization like DSM to counter these threats
  • And lastly, you are cable to support the Threat Analyst Team and the Forensics Investigations team when needed

Company

Royal DSM is a purpose-led global science-based company in Nutrition, Health and Sustainable Living. DSM is driving economic prosperity, environmental progress, and social advances to create sustainable value for all stakeholders. DSM delivers innovative business solutions for human nutrition, animal nutrition, personal care and aroma, medical devices, green products and applications, and new mobility and connectivity. DSM and its associated companies deliver annual net sales of about €10 billion with approximately 25,000 employees. The company is listed on Euronext Amsterdam. More information can be found at www.dsm.com

Offer description

You will be employed by YER and seconded to DSM, we offer:

  • Good employee benefits
  • Challenging assignments
  • Excellent guidance from your consultant and YER's back office
  • Development opportunities, including the YER Talent Development Programme with a personal coach
  • Intensive support for international candidates (including Dutch lessons, tax-return and accommodation assistance)
  • Cooperative and results and relationship-driven
  • Friendly atmosphere and open culture
  • Community/network with other technology professionals from a variety of multinationals
  • Events and master classes with interesting speakers and attractive companies

Freelancers also welcome to apply!

Candidate profile

Education level

Bachelor ++ or master’s degree

Knowledge & Skills

  • Experience on security risk analysis for technical solutions combined with an ability to articulate them clearly both verbally and in written form
  • In-depth knowledge about Managed IT Security Services to be an equal counterpart in discussions (content, concepts, technology) and overlook the services landscape and service providers
  • Demonstrable experience in security principles, and technologies regarding security operations, threat intelligence, security monitoring and incident response
  • Practical knowledge of security and networking toolsets such as SIEM, IDS/IPS, WAF, packet capture and other threat detection technologies
  • Knowledge and preferably experience in DevSecOps and Agile way of working
  • Experience in the extensive analysis of common security incidents
  • Ability to stay calm in highly sensitive and high-pressure incidents
  • Experience with Splunk (and Azure Sentinel)
  • Knowledge of range of security tools, features, and benefits
  • Knowledge of AlgoSec
  • Knowledge of PAM technology (CyberArk or equivalent)
  • Pre-existing, in-depth knowledge of common network protocols
  • Pre-existing, in-depth knowledge of Windows and Linux based operating systems
  • General knowledge about the other IT domains (workplace, foundation, enterprise applications, ERP systems, hosting/cloud, reporting, OT, R&D)
  • Fluent in English, both in writing and verbally
  • Team player who fosters teamwork in a global, multicultural, and virtual context
  • Ability to manage multiple priorities and focus
  • Strong communications and analytical skills
  • Strong people engagement skills
  • Independent / self-propelling attitude and experience
  • Good oral and written presentation skills required in English
  • Knowledge of relevant frameworks such as NIST and MITRE ATT&CK
  • Familiar with Regulations, including, GDPR, ISO 27001/27002/30000
  • CISSP certification is a must
  • CCSP certification is preferred

Required level of experiences

  • Experience in working in an international environment with a geographically spread team
  • Experience in working in a global Security function using well-defined processes and standards
  • Minimum of 5-10 years of experience in the area of cyber security
  • Knowledge of DSM organization is preferred