Cybersecurity Officer

Position purpose:

The Cybersecurity Officer is responsible for:

• Participating to the definition and implementation of the IT security strategy and policies under the coordination of Cybersecurity leader

• Ensuring Cybersecurity compliance of IT Operations across all regions with the business requirements

• Controlling and reporting permanently the IT operations activities compliance based on the related security requirements

• Connecting with local regulations and overseeing the data protection within the organization

• Cybersecurity communication, leading investigations and audits, awareness training for all PR employees

• Analyzing permanently risks and reporting to the Head of Cybersecurity

• Providing cybers security technical support Level 2/Level 3

The main responsibilities are:

IT Operations security policies, standards and procedures

• Contributing to the global security strategy and policies definition and implementation

• Overseeing and controlling the information security policy and data protection policy implementation

• Contributing to the definition and implementation of Business Continuity Plan and Disaster Recovery Plan by collaborating with other stakeholders within IT Operations and Business

• Ensuring the alignment between the defined procedures and security management tools and the security & objectives

• Contributing to the communication of security policies, standards and procedures of IT Operations to internal and external stakeholders

Security compliance control and reporting

• Analyzing SOC reporting for compliance monitoring and bringing recommendations or alarming top management about IT security flaws

• Rolling out IT Operations security risk evaluation and impacts analysis

• Raising alarms to Cybersecurity leader, management team and related business/subsidiaries whereas a severe incident impacting the IT security is detected

• Reporting to the Cybersecurity leader and the Group Security Steering Committee the status of the security maturity with action plan or remediation plan

• Contributing the internal and external audits

Coordination and IT security monitoring

• Coordinating and following up remediation plans implementation with key indicators

• Participating to the internal and external events related to the information security

Connection with local Cybersecurity policies, requirements and regulations

• Understanding the local cybersecurity policies, requirements and regulations about security, data protection and data privacy regulations

• Ensuring the cybersecurity compliance of IT Operations with the local requirement

Communication, training & awareness

• Responsible for the IT Operations security communication content preparation, validation and distribution to all stakeholders (internal and external)

• Ensuring the definition and roll out of communication and awareness training plan/program towards all PR employees and their consistency

Technology watching                                                                               

• Following up security evolutions, major trends and best practices on technology, solutions and regulations

• Working closely with security vendors on new types of cyber-crime or computer viruses to help the IT Operations keep the security systems up to date

Cyber security technical support

• Contributing to critical incidents, crisis management and mitigation plans

• Providing technical support Level 2/Level 3

The profile required is:

• Education required: BAC+5 (engineering or business school / university specialized of information security and/or telecom, information system and network security, security, information encryption and coding, …)

• Experience / Background:

  • 5 + years of experience in a related area

  • Must have experience dealing with various levels within company

  • Proven track record of institutionalizing leading-practice methodologies and processes

  • Specific Expertise: Auditor/Lead Auditor ISO 27001 Implementer/Lead ISO 27001

  • Language required: Fluent in English

Job Posting End Date:

Target Hire Date:

Target End Date: