Business continuity and Information Security Management Specialist - N.

About Proximus NXT

Proximus NXT Luxembourg supports all organizations in their digital transformation, by providing holistic ICT & Telecommunication solutions, as well as tailored managed services. With our partners and customers, we co-create opportunities and enable growth in a secure and sustainable manner. As a result of our unique expertise in next-gen IT services, mobile and advanced connectivity, we help our customers achieve their ambitions and realize their vision.

Together with them and our partners we implement sovereign and trusted solutions that make people work smarter.– www.proximusnxt.lu

Your mission :

You will be part of the NTX Consortium Team in charge of operating the European Commission’s Network Managed Services.

Network Infrastructure

• The LAN in the Commission’s buildings (approximately 80 buildings spread over Brussels, Luxembourg)
• The connections between these buildings as WAN (MPLS technology)
• Wifi Hotspots spread over the Commission's buildings
• Data Centre network services

Network Security and Network Application Infrastructure

• The security perimeter consists in a multi-layer infrastructure of firewalls of different vendors.
• The incoming and outgoing accesses with the external world pass through dedicated appliances working as proxies and reverse proxies.
• DNS infrastructure and authentication servers are part of our domain of competences.

Telephony and Videoconferencing Infrastructure

• Only Non-end-user devices and specific end-user devices and interact to the classic telephony service
• Large video studio, video conferencing room and personal video systems Network Intervention Services:
• On-site intervention services including the technical room management
• Storehouse and spare services

Compliancy Infrastructure:

• Definition and maintenance of processes including the associated tooling, metrics and KPIs
• Reporting of metrics and KPIs Supporting Infrastructure:
• Definition and maintenance of underlying infrastructures including the filesystems and the central computer platforms
• Maintaining and develop automation tooling to ease use and increase reliability of the service Test and lab Infrzastructure:
• Assist in defining test programs for design projects
• Assist in automating test programs as regression testing and fault testing and allow for faster validation of design changes

A team of 60 people is working permanently on-site (Luxembourg and Brussel).

1. Activities:

For this position, we are looking for 2 half-time. The first half-time with the role of Business continuity/Service manament Specialist (BCMS) and the second with the role of Information Security Management Specialist (ISMS)

1. Role of Business continuity/Service manament Specialist (BCMS)

• Interface between the NMS III organisation and the Customer for the business continuity/service continuity aspects
• Responsible of the BCP escalation inside the NMS III organisation for crisis management
• Develop, maintain and improve the business continuity/service continuity policies
• Develop the different BCP/DRP scenarios
• Ensure that the Recovery Time Objectives (RTO) are respected and propose service improvement if it is not the case.
• Risk management: Ensuring that risks identified and pertaining to the business/service continuity processes are addressed.
• Develop adequate business continuity/service continuity documentation
• Planning and leading BCP/DRP tests and ensure correct review of processes and documentation if needed after the tests
• Audit of Business continuity/service continuity processes
• Ensure compliance of the business/service continuity management are compliant with EC's corporate BCP policies
• Train regularly the NMS III organisation and the customers to these Business continuity/service continuity processes
• Collaborate in the BCP exercises organised by the European Commission
• Analyse impact of other processes or other ITIL V3 phases on the BCP
• Communication management/escalation management
• Develop, Manage and monitor annual workplan in the domain of business continuity/service continuity management.

2. Role of Information Security Management Specialist (ISMS)

• Establish, implement and monitor an information security strategy to be adopted by the NMS III organisation, this strategy being derived from the Ec's information security strategy
• Establish, implement and monitor information security policies for the NMS III organisation, based on the EC's standards and policies
• Conduct risk management activities (Risk assessments, gap analysis, business impact analysis) to help the customer to reach an acceptable level of risk
• Advise and make recommendations regarding appropriate technical security controls
• Develop and manage the security incident management program within the NMS III organisation to ensure the prevention, detection, containment of security breaches
• Vulnerability audits and mitigation procedures
• Develop, monitor and report about appropriate metrics existing for the different deployed processes supporting the security policies in place
• Educate and raise information security management awareness within the NMS III organisation
• Analyse security compliancy for customer's services and ensure correct adoption and adaptation of security policies into these services
• Develop security plans for the different services managed by the customer
• Develop, Manage and monitor annual workplan in the domain of Information security management
• Key liaison between the Ec's security directorates, the customer, the NMS III staff, the auditors for the Information security management activities
• Write specifications for the development of the security policies supporting tools
• Assess, test and select security policies supporting tools
• Follow-up of the development and the maintenance of the security policies supporting tools

Your profile :

2. Requirements:

• Education : BAC + 5 or more is an asset
• Have at least 5 years of experience in the security services area
• Have at least 3 years of experience in the domain of information security management
• Preferably ISO 27XXX certified
• Preferably ISO 223XX certified
• Juniper SD WAN
• Working knowledge, written and spoken, of English required. French desirable

3. Skills required:

• Very good technical knowledge and experience of at least 3 years in business/service continuity management for security domains (Firewalls, proxies and reverse proxies, loadblancer, Remote access)
• Solid documentation skills
• Strong organisational and analytical skills
• Strong interpersonal skills
• Strong communication skills
• Good knowledge of security policies and their application
• Experience in audit on the development and deployment of Information management Information systems (ISMS)
• Knowledge of regulatory/compliance requirements

4. Location and Timing issues:

• Provision of the above mentioned services basically in Luxembourg or Brussels, with a possibility to work in other site about 1 day per month.
• Project Business hours: 7H-19H => being able to regularly start between 8AM and 9AM

Our offer :

A professional and stimulating work environment in the IT & telecom sector. Multiple career opportunities within the Proximus Group at national and international level, cutting-edge training in new technologies, a wealth of recognized expertise. We also offer an attractive salary package and many other benefits.

Our company is an equal opportunity employer, valuing diversity in all its forms. We firmly believe that each individual brings a unique richness to our teams, and we are committed to creating an inclusive environment where every voice counts.

If at the end of the process your application is successful, you will be asked to provide an extract from your criminal record. Your personal information will be handled in compliance with applicable data protection laws.