She/he ensures and controls that the Data Center under her/his responsibility complies with company security policies, practices and standards (GGS Core IT and Corporate Security) but also with regulatory requirements applying to this scope. This applies to the DC hosting infrastructure (people, physical environment and IT) and includes both set-up and operations.
MAIN RESPONSIBILITIES
RACI based role definition is mentioned between brackets.
Ensure that the data kept, used and transferred is efficiently protected and in accordance with standards (AR).
Run periodic security audits to control proper configuration and operations at the DC (RA).
Contribute to Customer projects under the regional Solution Security Officer (SSO) governance. It includes pre-sales and new solution set-up (C).
Keep updated on cybercrime, threats, risks and counter-measures (technical survey).
Control for VPN setup between customer and single solution environment hosted within company premises.
Control for MPLS line setup between customer and single solution environment hosted within company.
Validate internal and external traffic flows for a solution and request the applicable firewall rules.
Manage user privileges and access management per environment.
Upon requested firewall changes, security analyst determines risk and justification and provides approval/rejection of change requests.
Automate Nessus scans of network environments on a monthly and ad hoc basis (as required).
Analyze vulnerability scans, pen tests, audits and patch reports to determine which patches are applicable and whether each should be treated as critical or scheduled.
Support Pen testing by submitting appropriate temp firewall rules allowing testers access to target networks.
Assemble data and notify stakeholder of audit dates and scope. Coordinate audit agenda and manage evidence gathering as needed.
Generate, import, revoke and manage the life cycle of encryption keys.
Identify malicious data streams against vulnerable system(s), alert and remediate, if possible.
Install antivirus on all servers, update their signatures on a daily or better basis and manage the antivirus from a central console with logs fed to the syslog server.
Review the logs of security events, evaluate events to correlate data, determine whether an incident has occurred and report the incident.
Review contracts, preliminary architecture and apps to be utilized for risk.
Identify incidents, report to Corp and Regional Security, provide resources for the investigation team if required. Identify root cause and remediation.
Analyze traffic flows captured by security systems to assist in troubleshooting flow issues.
Review security requirements, comment and document acceptance or rejection of requirements beyond what are standard for company Data Center.
Conduct regular training of security awareness, security functions for non-security personnel (example Key Custodian) and alert to potential risks and events.
Coordinate with Savvis to manage the DDoS service, review DDoS reports and address false positives and potential security events.
Grant, revoke, modify access badge mode to control access to physical security zones. Issue keys to cages with lower security requirements.
Contract for security hardware and services, configuration, management and implementation
LEVELS OF EXPERTISE
N/A
MAIN RELATIONSHIPS
Internal
DC System Expert
Solution Security Officers
Regional GGS operations
Regional Security Manager
GGS IT Security Officer
GGS Risk manager
Corporate Security team
POSITION REQUIREMENTS
Education
Degree in Engineering ideally in computer security
CISSP certification and ISO27001 Lead Auditor or Lead Implementer certified are assets
Experience
5 plus years of experience successfully managing security in large, complex, and distributed IT infrastructure.
First experience in logical security governance (ideally in a banking environment).
Professional Knowledge
Use of symmetric and asymmetric cryptography, including Public Key Infrastructure (PKI).
Network security, including firewalls, routers and switches but also NIPS (Network Intrusion Prevention System).
System security (Unix OS – Linux/Solaris, Windows): hardening and main weaknesses. Use of HIPS (Host Intrusion Prevention System).
Vulnerability assessment (Nessus) and other security diagnostic tools.
Incident response.