ITvacature aanmaken/beheren mijn ITvacature

Vulnerability Analyst - Risk information analyst

Over de vacature


The IRM Function defines requirements for the assessment of Information Risks, defines the selection of mandated IT Controls, and defines and executes assessments of the design and operational effectiveness of these controls. The function organises communication campaigns to impact the behaviour of business and IT staff where it relates to Information Risks. In addition to these preventative measures, the IRM Function includes a Cyber Resilience function to understand the cyber threat landscape and the vulnerabilities to cyberattacks in IT systems and services, to detect malicious behaviour and to respond to incidents.


Experience and Qualifications required: Is a knowledgeable, creative and responsible IT security professional.
  • Has excellent analytical skills and appreciates a technical challenge.
  • Has a good technical understanding of and experience with IT networks, infrastructure and applications.
  • Has a passion for IT technology and is able to share that with other members of the team.
  • Has good written and verbal communication skills and provides well-informed advice.
  • Produces high quality deliverables in terms of both content and presentation. Examples of deliverables include: reports, presentations and reasoned arguments.
  • Carries out assignments and projects, alone or as part of a team, applying knowledge, skills, and experience.
  • Demonstrates an understanding of the issues of interest of our client and proposes viable solutions within the scope of own expertise, taking into account the needs of those affected.
  • Maintains knowledge and experience of current practice within own area of expertise and is aware of current developments within own area of expertise.
  • Develops and maintains knowledge of Cyber security and maintains an awareness of current developments.
  • Promotes transfer of knowledge and awareness of information security to those in related areas.
  • Is comfortable working virtually.
  • Is able to think and act like a hacker using his creativity to bypass IT defences.
  • Has at least 1 year experience in IT security and preferably experience in attack and penetration testing/ethical hacking or technical IT audits.
  • Preferably has performed penetration testing on IT infrastructure, web applications and mobile platforms.
  • Has a solid understanding of IT networks and operating systems such as Windows and Unix/Linux.
  • Has experience with analysing network traffic using tools such as tcpdump, wireshark.
  • Has experience using open source scanning tools such as nmap, nessus, metasploit and/or commercial tools such as Rapid7, Quallys.
  • Has experience with scripting tools and programming languages such as Perl, Python, C, C++, VBS, Java and analytical and reporting tools such as Excel, SharePoint and preferably Splunk.
  • Has relevant certifications such as, CISSP, SANS and preferably:
  • GIAC Penetration Tester (GPEN)
  • SEC 560: Network Penetration Testing and Ethical Hacking
  • SEC 542: Web App Penetration Testing and Ethical Hacking
  • GWAPT: GIAC Web Application Penetration
  • Offensive Security Certified Professional – OSCP Certification
  • Offensive Security Wireless Professional – OSWP Certification
  • Offensive Security Certified Expert – OSCE Certification
  • Offensive Security Exploitation Expert – OSEE Certification
  • Offensive Security Web Expert – OSWE Certification


This company is part of a group of energy and petrochemicals companies. They create a work environment that values differences and provides channels to report concerns. A diverse workforce and an inclusive work environment are vital to their success and are aligned with their core values of honesty, integrity and respect for people. Their collaborative culture values creativity and fresh perspectives. A career with this multinational puts you at the forefront of innovation, working towards building a better energy future. This particulair part of the business help build and implement IT solutions for a range of business functions, and are fundamental to the success of our client.


We offer a temporary job for 1 year.