We Cook iT is an international software house that delivers software development to its corporate customers by providing highly skilled, communicative IT professionals to build their customized products through outsourcing, nearshoring and turn-key projects’ solutions.

How do we differentiate ourselves? By investing in the professional growth and personal care of our software developers. We provide them with a premium service so that they can do the same for our customers.

Our talented team holds software engineers and sales experts, spread across offices in Europe and South America, and we represent a go-getting and driven company who aims to be an inspiring software house, knowing our future relies on IT.

We Cook iT stand for growth, support, dynamic, companionship and communication. Our head office is located in Portugal in the heart of Lisbon (Avenida da Liberdade) and we work mainly for the European market.

We are looking for Security DevOps Expert / DevSecOps to work on-site in Brussels / Belgium office of European Union.

 Minimum 5 years experience in Cybersecurity Strategy: define objectives and build roadmaps.
 Minimum 5 years experience in architecting Cloud, Application or Network solutions.
 Minimum 3 years experience risk identification and Risk management Methodologies, such as ITSRM², ISO27005.
 Governance, Risk and Compliance (GRC) and tools such as ServiceNow.
 Good knowledge about the European cyber regulations, such as GDPR, NIS2, EU Cybersecurity Act, EU Cybersecurity Scheme etc
 Good knowledge of framework: ISO27001, ISO 27005, NIST SCF, NIST 800-53, CIS Controls…
 Previous experience as Business development manager or product manager.
 Experience in managing risk from a 3rd party service provider, including cloud vendors.
 Strong drafting and communication skills in English both orally and in writing (level C1);
 Self-motivated and autonomous, with ability to manage and follow up on multiple tasks simultaneously;
 Strong analytical skills, ability to approach problems from multiple angles and find creative solutions;
 Ability to produce mature executive summaries, presentations and to engage with stakeholders at any levels, from operational staff to senior management;
 Proven capacity to analyse complex information, to consider options in a clear and structured way, to propose and implement recommendations and to make sound decisions;
 Ability to work effectively both with team members and with customers;
 Ability to work under pressure and with tight deadlines, to make timely decisions, to reprioritize tasks responding to changes in a rapidly evolving work environment;
 Ability to develop and set up processes and structures across various fields of activities; Strong ability to learn and apply new/emerging technologies.

Specific expertise:

 Client operating systems, Windows, Linux
 Experience with large, enterprise-level multi-user Information Systems
 Experience with large enterprise-level network and application security
 Good knowledge with DevOps container or serverless /orchestration tools (ie: Docker, Ansible, Terrafom, Kubernetes, etc.)
 Good knowledge with cloud security architecture and security requirements
 Good knowledge with Threat Modelling in cloud environment
 Good knowledge with Cloud governance and compliance
 Good knowledge with Security and Privacy by design, in the cloud.
 Good knowledge with Monitoring tools (Splunk, Dynatrace, etc.)
 Good knowledge in the Cloud (Aws, Azure, Google, etc.)
 Good knowledge with designing cloud security architecture best practices.
 Good knowledge with Designing and implementing the organization's cloud usage practices, including rules and standards
 Good knowledge with applying cloud service providers security practices, compliance.
 Knowledge on Enterprise Architectures methodology: such as TOGAF or SABSA
 Experience with Digital Transformation activities
 at least 4 years of specific expertise in providing cybersecurity advisory to international organizations.
 at least 5 years of specific expertise in in a relevant position within Cybersecurity security, risk management, IT consultancy or IT audit.
 

Following certificates & standards are required for the performance of tasks (at least one of them):

• Information Security Certifications such as CISM 36
• Risk Management certification, such as CRISC, ISO 27005 RM 36
• Cloud Security certification such as CCSP, GCLD, 24
• Cybersecurity Certification: Ethical Hacker
• C|EH, GCIH 24
• ISO2701 12
• Governance Framework, such as COBIT 12
   

If you are looking for a fast-paced multinational company and have a desire to be part of the exciting state-of-the-art projects across Europe, send us your application in English.

We’re looking forward to hearing from you!