Vacant job

Job Description

At a larger public organization, there is an ongoing effort to develop and manage digital systems and services. The work is carried out within the framework of several development value streams consisting of a number of delivery teams. Each delivery team consists of developers, system analysts, and technical testers. Additionally, there are support roles such as solution architects and configuration/management responsible linked to the teams.

In the role of IT Security Specialist, you will be responsible for supporting the development teams in operational IT security work. This means assisting the delivery teams in conducting threat modeling, risk analyses, and security evaluations. You will also provide support on how IT security requirements should be implemented and how results from security reviews should be interpreted, prioritized, and addressed.

Great emphasis is placed on personal abilities. The role requires you to be able to pedagogically translate security requirements into technical solutions and have the ability to reason about technical IT security from a holistic perspective, taking into account the current threat landscape.

Responsibilities

• Educate and support delivery teams in threat modeling
• Drive IT security reviews and risk analyses
• Handle and interpret results from application and web penetration tests and provide support in practical measures
• Participate in projects requiring IT security expertise
• Maintain and further develop governing documents within IT security
• Guide the remediation of identified vulnerabilities in collaboration with delivery teams and solution architects
• Support operational security tasks as needed, such as log analyses and ongoing security issues
• Participate in the further development of the organization's information and IT security work, both strategically and operationally, based on established standards for information security

Mandatory Requirements

• At least 5 years of work experience in qualified IT security work in complex system environments, such as network security, encryption, authentication, access control, and security tools
• At least 4 years of work experience in technical requirements specification within IT security, mainly related to application development (e.g., OWASP)
• Work experience in threat modeling, risk analyses, and the ability to understand and interpret results from penetration tests
• Post-secondary education in IT/computer science or equivalent experience

Desirable Requirements

• It is advantageous if you have any of the following certifications: CISSP, OSCP, CEH, or similar
• It is also advantageous if you have experience working in larger complex organizations and the public sector

Your Application

Does this role sound interesting and suitable? If so, please apply immediately as we are interviewing continuously and the position may be filled before the application deadline.

We can only accept and process your application by having you register your CV in our portal. With respect to GDPR, we cannot accept applications via email. We warmly welcome your application! The assignment is part of Quest Consulting's staffing services.

About Us

Quest Consulting is an authorized consulting company with collective agreements, insurance, wellness benefits, and occupational pensions. We specialize in IT, Technology, HR, Administration, and Finance. Our goal is to be your personal partner, and that is why it is so important for us to work according to our core values where our keywords are to be Personal, Innovative, and Professional.