For one of our clients in the utilities industry we’re looking for a freelance IT Security Consultant.

Project description: The goal of the project is to introduce a package security solution at the client, based on the existing Client Development platform. The first phase of this assignment will focus on identifying the target solution.

Aim of the project: Protect the client from security and license risks arising from the use of 3rd party packages.

Evaluate the current situation and define, suggest and present an appropriate package scanning solution. Present the solution to the client for sign-off; this will act as the framework for applying a package scanning solution. Document the results in .doc and .pdf.
Define the technical approach / tooling to apply scanning measures. Document the results in .doc and .pdf. Provide alternative solution approaches with pros and cons including cost impact. Presentation of the results to the client.
Define the execution approach and process to identify and mitigate security and license risks arising from the use of 3rd party software packages, based on information coming from the client. This includes a small Proof of Concept as well. Document the results in .doc and .pdf. Presentation of the results to the client.
Define the processes around exception handling and how to track and implement exceptions to the defined quality gates. Store the documentation in internal SharePoint. Hand over the process to Information Security / Hosting and Cloud Technology with a presentation (remote).
Provide professional consultancy about the entire improvement strategy to other stakeholders, Information Security representatives or the HaCT team. The goal is that this strategy reflects the outcome of the discussions with other stakeholders after it was signed off by the client contact.
Experience in the introduction of package testing
Experience in the risk analysis of third-party components