Job Description

In a context of strengthening security posture, STIB is looking for a cybersecurity consultant specialized in hardening systems and connected devices.

You will work with IT and security teams to identify vulnerabilities, define secure configuration standards, and implement appropriate protection measures across a wide technical scope.

Main Missions

1. Security Audit and Analysis

2. Perform configuration audits of equipment and systems

3. Identify security flaws and deviations from best practices

4. Assess risks associated with existing configurations

5. Definition of Security Standards

6. Develop hardening policies (workstations, mobiles, tablets, servers, network equipment, appliances)

7. Rely on recognized frameworks (CIS Benchmarks, NIST, ANSSI, ISO 27001)

8. Formalize secure configuration guides

9. Technical Implementation

10. Apply security configurations to:

    • Desktops/Laptops
    • Tablets and smartphones (iOS, Android)
    • Server operating systems (Windows/Linux)
    • Firewalls, Proxies, Reverse Proxies, Security Appliances

11. Support for various IT teams:

    • Patch management (VOC – Patch management)
    • Hardening of services and ports (network segregation/segmentation)
    • Logging and monitoring (SIEM, SOC Team)

12. Automation and Industrialization

13. Deploy automation scripts and tools (PowerShell, Bash, Ansible, etc.)

14. Standardize configurations

15. Review and improve existing processes

16. Validation and Control

17. Check compliance of implemented configurations

18. Perform security tests (vulnerability scans, compliance audits)

19. Produce validation reports

20. Documentation and Knowledge Transfer

21. Write technical documentation and procedures

22. Train internal teams on security best practices
23. Provide support and assistance post-deployment

Technical Skills

• Proficiency with systems:
• Windows Server / Linux / macOS
• Mobile environments (MDM, EMM)
• Expertise in endpoint and server security
• Good knowledge of network equipment (Firewalls, Proxies)
• Knowledge of vulnerability management tools (Nessus, Tenable)
• Experience in scripting and automation (Bash, PowerShell, Python, etc.)
• Mastery of network protocols and security principles (TLS, VPN, VLANs)

Cybersecurity Knowledge

• System and network hardening
• Identity and Access Management (IAM)
• Data encryption
• Log management and SIEM
• Security frameworks (CIS, NIST, ANSSI, ISO 27001)

Personal Qualities

• Rigor and attention to detail
• Analytical and summary skills
• Autonomy and proactivity
• Good interpersonal skills and ability to explain complex concepts
• Team spirit

Languages

• Fluent in French and/or Dutch
• Professional English (reading, writing, speaking)

Additional information: The mission may be extended for a maximum duration (initial duration included) of: 880 working days.