IT Security Analyst
For our client based in Düsseldorf we are looking for a freelance IT Security Analyst (m / f / d).
Project : Most solutions are based on the MS Azure cloud and have been built up having functional requirements in mind.
Whilst maturing our cloud utilization we would like to identify strategic areas of where security could be improved in our IT landscape.
This is starting with using the DevSecOps tool called Snyk as well identifying where are not using modern authentication scheme based on OAUTH2 and not regularly rotating secrets in applications.
Tasks :
- Analyze which applications & teams are using GIT repositories for storing their application code or deployment pipelines
- Analyze which applications & teams are using subversion to store their application code
- Identify which repositories are active and which are inactive and can be archived-
- Analyze what build & release pipelines are being used inside the different pipelines and if the repositories would be compatible to be onboarded on Snyk
- Document dependencies in SVN build pipelines and propose new build toolset on GitHub, Azure DevOps
- Create a Plan for the migration of subversion repositories to GitHub, Azure DevOps
- Create a template for Sales & Trading GitHub organizations so that repositories and access to repositories is deployed via terraform with the GitHub provider
- Identify which application are currently using static secrets in their application code and not utilizing modern authentication scheme via OAUTH2, e.
g. by using Azure Resource Graph explorer to find these resources
Analyze where managed identities are not being used inside the Sales & Trading IT landscape and where Role Assignment are not being used to make use of Azure RBAC (e.
g. Azure Storage Account Contributor vs. Contributor permissions)
- Analyze where Azure DevOps pipelines are using static secrets for authentication instead of workload identities
- Create a Proposal how dynamic secrets rotation can be implemented for certain clusters
Skills :
- Multiple years of experience in IT Security roles
- Very good Knowledge in Azure Cloud, and Azure DevOps, especially in terms of security aspects
- Multiple years of experience in GitHub
- Experience in Azure Resource Graph query
- Terraform IAC, Snyk und Subversion are a big Plus
- Fluent in English
- Nice to have : German
Key Facts
- Start : July
- End : December
- Hours per week : 20
- Location : Düsseldorf
- Contract : Freelancing
IT Security Analyst (w|m|d)
Zusätzlich bringst du Erfahrung als Information Security Officer oder Compliance Management Officer mit und bist vertraut mit COBIT und ITIL. IT-Compliance, IT-Resilienz und Business-Continuity-Strategien (BCM) entwickelst,. Du erarbeitest eine umfassende Cyber-Security-Strategie, indem du:. IT-Gove...
(Senior) Information Security Analyst (f/m/d) - Security Operations Center
The GLS Group Security Operations Center is responsible for Security Monitoring, Incident Management, Vulnerability Management and Threat Intelligence. In your role you will report to the Manager Security Operations Center and support him in the cross-site operational management of information secur...
IT Security Analyst (m/w/d)
Erfolgreich abgeschlossenes Studium der (Wirtschafts-) Informatik, mit Schwerpunkt IT-Security oder vergleichbare Ausbildung mit mehrjähriger Berufserfahrung . Viele von ihnen dürfen wir bereits seit unserer Unternehmensgründung im Jahr 1993 begleiten. Mitwirkung an Entwicklung, Umset...
IT Security Analyst (f/m/d)
The successful candidate will be responsible for conducting IT Audits across our sites and assessing and evaluating the effectiveness of our company's information security controls and procedures. The ideal candidate will have a background in IT Audit, knowledge of information security frameworks an...
IT Security Analyst (m/w/d)
Create a template for Sales & Trading GitHub organizations so that repositories and access to repositories is deployed via terraform with the GitHub provider. We have a current opportunity for a IT Security Analyst (m/w/d) on a contract basis. The activities required in each case to implement the se...
IT Security Analyst*
JobPosting", "title" : "IT Security Analyst*", "description" : "In der Administration behalten wir stets den Überblick über die vielen verschiedenen Schnittstellen, die hier zusammenlaufen. Unterstützung der IT-Sicherheit sowie weiterführende technische Beratung der Fachbereiche in IT-Sicherheitsfra...
IT Security Analyst (f/m/d)
The successful candidate will be responsible for conducting IT Audits across our sites and assessing and evaluating the effectiveness of our company's information security controls and procedures. The ideal candidate will have a background in IT Audit, knowledge of information security frameworks an...
(Junior) Security Analyst / Auditor (gn*) Electronic Identities and Trust Services
To strengthen our team in Germany (Düsseldorf/Cologne area), we are looking for a junior security analyst / auditor (f/m/d) in the area of electronic Identities (eID) and Trust Services, focusing on consulting, auditing and management in complex project environments and following legal and norm...
(Senior) Business Data Analyst (m/w/d)
Stepstone ist eine führende Online-Jobplattform in Deutschland, die Jobsuchenden hilft, den richtigen Job zu finden.Als einer der größten Anbieter auf dem Jobmarkt in Deutschland haben wir bereits Millionen von Einstellungen in den unterschiedlichsten Branchen und Bereichen ermöglicht.Wir sind stolz...
IT-Security Consultant - IT-Sicherheit / SIEM / Identitätsmanagement (m/w/d)
Seit über 30 Jahren betreuen wir nach dieser Maxime als unabhängiger Berater rund um die Themen IT-Security, Biometrie und Hochverfügbarkeit namhafte Kunden. Neue, innovative Ansätze für alte und ganz neue Probleme: Egal ob es um IT-Sicherheitsfragen, maximale Leistungsfähigkeit der Infrastruktur od...