Junior/Medior Security Ops EngineerAmsterdam
The team is looking for a junior or medior Operations (OPS) Engineer, willing and capable to grow in experience to support existing IT/applications and to set up IT security administration for 3 new applications.
Your BusDevOps team is end-responsible for keeping your IT environment up and running and healthy, in a broad sense. It is a stable team and the team members are relatively experienced. The IT environment consists of Linux, Oracle databases, MS Windows Server, SQL Server, applications, middleware, and infra. Most of the applications are hosted on premises and are installed and fully maintained by the team. But also, 2 new SaaS applications will be added where the team will only be responsible to monitor and document their IT security. The team closely aligns with IT vendors, Infra departments and the end users at the departments Risk, Audit, Compliance and CSI.
Your team is a BusDevOps team, combining expertise of Business Analysts, IT and OPS specialists. The team works according to Agile scrum, which means that work is sliced in stories and planned via sprints, and as a team you take responsibility to deliver value according to sprint planning. Together with your team, you are responsible for supporting a stable, standardized and consistent IT environment and keep necessary documentation up to date. And together with all stakeholders, you jointly work towards the combined goal: support the end users by providing the IT solutions they need.
Main services delivered by you are:
- Write, coordinate and review security documentation. For the 3 new applications, and together with the other OPS engineers, find out and test how the application is secured and make sure that this is reflected in documentation. Where needed, organise meetings or at the vendors. For the SaaS applications: coordinate and review the documentation which needs to be delivered by the SaaS vendors. Examples of documents are: Approved business impact analysis template, IT security risk assessments, high level architecture, specification of applied security controls, creation of IT components in the CMDB, description of the change management process, user access design matrix, actual deviations from the user access design, characteristics of security event monitoring, disaster recovery plans, backup and restore test documentation, and specifications of encryption.
- Together with the other OPS engineers: responsible for availability, performance, security, and lifecycle management of the applications and other IT components. E.g. carry out system upgrades or clean installs, patching, analyse capacity issues, run scripts, and deploy fixes on acceptance and production environments
- Align with Infra departments where needed, e.g. about Linux/Oracle patches, DNS or load balancer issues, memory/CPU allocation for Linux Servers, the Private Cloud, backup and restore, disaster recovery testing
- Where needed, support projects or business processes of user groups, for instance:
- Alignment or cooperation with the Business Analysts in your team or with end users e.g. at resolving incidents
- Deploy a newly built datawarehouse/datamart environment, and setup of the (CDaaS) deployment process
- Migrations of applications from their current environment into the Private Cloud
- Upgrade of applications and Cognos.
- A hands-on, and pro-active professional who can organise, keeps oversight of complex processes in a changing environment, and delivers results
- Quick learner
- Background and interest in learning application maintenance and IT security
- Team player
- Analytical skills, attention to detail and writing skills. You are able to peel down technical problems, and explain root causes and work-around instructions to the business. You control the English l language and are able to set up and maintain documents
- Master or Bachelor degree
- If requested by the team, you are willing to work or be stand-by outside business hours
- You are experienced in or you are interested to learn about the following:
- An Agile/Scrum way of working
- Keeping IT Security measures ‘in control’ in the areas such as documentation, change management processes, user access, patch management, backup & restore/disaster recovery
- The CDaaS pipeline, or other deployment technologies
- Scripts e.g. to automate installations, data refreshes or (regression) testing
- MS Windows Server
- SQL Server