IT Consultant - Security

Task description

The scope of services includes the following tasks, which are performed independently:
 

• Evaluate current situation and define, suggest and present an appropriate hardening guideline to follow. Present the framework to Uniper for a sign off - this will act as the framework for applying hardening measures. Document the results in .doc and .pdf.
• Define the technical approach / tooling to apply hardening measures. Document the results in .doc and .pdf.
• Define the execution approach and process to move existing servers to a hardened image and how to apply hardening to new installations - based on information coming from Uniper. This includes a small Proof of Concept as well. Document the results in .doc and .pdf.
• Define how applied hardening measures can be detected and tracked - based on own knowledge and information coming from Uniper. This includes a small Proof of Concept with the existing Vulnerability Management solution. Document the results in .doc and .pdf.
• Define the processes around exception handling and how to track and implement exceptions of the defined hardening. Store the documentation in internal SharePoint. Hand over the process to Information Security / Windows server team with a presentation.
• Provide professional consultancy about the entire improvement strategy to other stakeholders Information Security representatives or the windows server team. The goal is that this strategy reflects the outcome of the discussions with other stakeholders after it was signed off by the Uniper contact.

Uniper provides all necessary information, access to the systems and requirements in advance.