Responsable de site / exploitation (H/F) / maintenance multitechnique / Troyes3 janvier 2019
Global Procurement Manager, IT & Marketing (M/W) position filled12 février 2019
Our client is an independent private investment company with assets of US$65bn managed or advised in Europe, North America and Asia. The company keeps entrepreneurship at its heart and delivers investment performance to its global investors while fuelling growth in economies across the world. It’s investment process embodies three values: excellence, loyalty and entrepreneurship.
Within the IT Risks and Governance team and reporting to the manager we're hiring a Cyber Security Officer (W/M) in charge of the design and validation of security solutions, adapting continually the level of cybersecurity of the company to the changes of its activity and needs.
1. Job description
• Take initiatives to improve the protection of sensitive company information,
• Understand and analyse the security functional requirements generated by business lines and provide adequate solutions,
• Participate in the definition of secure architectures,
• Take part in security projects by writing security functional requirements, validating chosen technical solutions,
• Validate the compliance of proposed solutions to the security policy and standards of the company,
• Perform risk analysis on information, systems and applications,
• Be in charge of the IT internal control plan,
• Document and review the security corpus: Sec policies, control objectives,
• Answer on a daily basis to all queries made to the information security team,
• Coordinate the answer of IT teams in case of security crisis,
• Oversee and supervise IT infra Security and report on operational security
• Information security governance: Design a 3-years Information Security strategy in alignment with IT strategy and define, execute and make evolve the company security control framework
• Information Security in projects: undertakes the definition of the Information Security in projects guidelines and methodology and ensure its application within the project development life cycle
• Information Security Incident and Investigations: undertakes the definition, the maintenance and the management of the Information Security Incident process in accordance with other existing IT incident and crisis processes
• Information security systems and tools: undertakes the functional support of security tools and the definition of new security tools required for the fulfilment of the Information Security mission
• Information Security awareness and training: undertakes the definition and the execution of an annual plan to promote an Information Security aware culture within the company.
• Client focus: ability to understand and take into account various business context and situations, and to translate them into security analysis for internal and external customers
• Team spirit / positive attitude / negotiating skills
• Significant experience in information security
• Expertise on non-technical sides of information security: policy definition / standards / procedures / functional architectures
• Technical expertise in information security: network security, system security, application security…
• Knowledge of asset management business would be a plus
• A passion for technology and security safeguarding with a desire to deliver
• Analytical mind capable of managing numerous information sources and providing data analysis reports to senior management
• Excellent communication skills – providing verbal and written communication that is outstanding to both direct reports and senior management as well as other stakeholders
• Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands
• Can make decisions that are well informed and timely
• Creative thinking – able to look at alternatives and consider new ways of thinking to problem solve
• Multi-tasking – can manage several concurrent projects
• Degree-level education or equivalent
• Fluent in English language (written and oral)
• A certification would be a plus (CISM, CRISC, CISSP)
The desired level of seniority usually demands around 5 to 10 years of proven IT security experience but we will look into candidates who are newer to the industry if they can demonstrate they are a serious IT professional.
If you can demonstrate you have knowledge of the latest IT thinking and threat modelling methods together with a creative drive, you could land yourself the job.