Consultant Technical Information Security and Compliance – KPN 

Locatie Zoetermeer 

Uren per week 36 

Looptijd 17-07-2023 t/m 31-12-2023 

Optie verlenging Ja 

KPN teams responsible for Voice over IP services based on the IMS platform are looking for a practical Consultant Technical Information Security and Compliance.

A program under the responsibility of a Nokia project organization aims to migrate the current bare-metal based IMS solution to a virtualized Linux based IMS platform, where the establishment of (continuous) security compliance is a major challenge.

The project team includes:

•    A Nokia project organization that is responsible for setting up and integrating the new Nokia vIMS platform into the KPN network. This includes a Nokia project manager and a Nokia security consultant

•    A KPN architect / technology lead

•    Product Owners of the Voice teams who are responsible for managing the new vIMS platform after delivery

About the job:

The implementation of the new vIMS platform in KPN’s network is only allowed if it meets KPN’s security requirements (the ‘KSP’). The determination of how to implement these requirements is a responsibility of the project team.

The team is looking for a Consultant Technical Information Security and Compliance able to translate the KPN Security Policy into concrete technical and/or procedural solutions. The goal is that the KPN security policy is implemented on the vIMS platform, including the processes, procedures and documentation.

The E2E device for vIMS consists not only of the Nokia vIMS platform, but also of components that must be delivered by KPN. The above also applies to these network elements.

Target:

•    Implementing the KSP in the vIMS program

•    Translate security requirements into architecture choices and process design supported by Nokia, CISO and the executive organization

•    Taking care of and helping with process design within the executive organization.

•    For possible deviations from the KSP, initiate the exception process with KPN OSM/SSO and ensure decision-making.

•    Drawing up a substantiated security file showing how KPN’s security requirements are implemented by the VIMS program and its suppliers.

What profile are we looking for??

You have/are:

–    Experience in translating security measures/guidelines/requirements into technical implementation.

–    Experience in creating a design for the (technical or process) implementation of security policies in a complex environment.

–    Knowledge and affinity with infrastructure, databases, virtualization, cloud environments.

–    Strong in making procedures, work instructions, recurring activities + associated documentation.

–    Strong in guiding and motivating team members during implementation

–    A team player.

–    3-5 years of knowledge of/experience with technical information security

–    3-5 years of knowledge of/experience with security tooling like End point Protection and hardening agent (Micro trend and Qualys VMDR)

–    3-5 years of knowledge of/experience with ISO27001 + ISO27002.

–    3-5 years of knowledge of/experience with delivering/writing audit-proof documentation. Think in terms of: “design, existence and operation.”

–    Pragmatism in describing processes and procedures.

–    Pre: Experience with the auditable (demonstrable) setting up of security policy (Design – Existence – Operation).

–    Pre: knowledge of KPN Security Policy (KSP).

–    Pre: experience level IT architect.