89 Emplois pour Cism - France

• Manage a team of security professionals, assigning tasks and monitoring their progress.
• Implement and enforce security policies and procedures, ensuring staff adherence.
• Monitor security incidents and vulnerabilities, responding promptly to mitigate risks.
• Collaborate with other departments to address security concerns and implement security solutions.
• Assist in compliance efforts related to security, ensuring the organization's adherence to relevant regulations.
• Participate in incident response and investigation, identifying security breaches and implementing corrective actions.
• Provide guidance on security technologies and practices, contributing to security strategy.
• Prepare and deliver security reports to senior management and relevant stakeholders.

Basic Qualifications :

• Bachelor's degree in a relevant field or equivalent combination of education and experience
• Typically, 7+ years of relevant work experience in industry, with a minimum of 3 years in a similar role
• Proven experience in information security management
• Proficiencies in risk management, compliance, and security technologies
• A continuous learner that stays abreast with industry knowledge and technology

Other Qualifications :

• Advanced degree in a relevant field is a plus
• Relevant certifications such as CISSP, CISM, or CISA are a plus

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Security Manager • PARIS LA DÉFENSE CEDEX,IDF,FRA

The Information Systems Security Manager (ISSM) is responsible for overseeing the security of an organization’s information systems and ensuring compliance with industry regulations, company policies, and best practices. The ISSM plays a critical role in managing risks, implementing security controls, and leading a team to protect sensitive information from internal and external threats.

• Develop, implement, and maintain information security policies, procedures, and guidelines.
• Ensure alignment with industry standards (e.g., ISO 27001, NIST, GDPR, CMMC, or local regulations).

• Identify, assess, and mitigate risks associated with the organization’s information systems.
• Conduct regular vulnerability assessments and penetration tests.

• Lead the development of incident response plans and procedures.
• Oversee investigations of security incidents and implement corrective measures.
• Communicate with customers on incidents impacting them.

• Ensure compliance with legal, regulatory, and contractual security requirements.
• Prepare for and manage internal and external security audits.
• Lead and chase stakeholders inside the company to feed all security and compliance documents asked by regulators and customers.

• Provide training and awareness programs to employees on security best practices.

• Oversee the implementation of technical security solutions such as firewalls and encryption technologies.
• Ensure secure configuration and patch management of IT systems.

• Work closely with IT, operations, legal, and management teams to integrate security into organizational processes.
• Provide security guidance during project planning and system development.

• Monitor systems for unusual activity and potential threats.
• Report on security metrics, trends, and incidents to the global system director.

• Stay updated on the latest cybersecurity threats, trends, and technologies.
• Propose proactive measures to address emerging security challenges with the global system director.

• Bachelor’s degree in Information Security, Computer Science, or a related field (Master’s degree preferred).

• 5+ years of experience in information security, risk management, or related roles.
• Proven track record in managing security programs and teams.

• Certified Information Systems Security Professional (CISSP).
• Certified Information Security Manager (CISM).
• Certified Ethical Hacker (CEH).
• GIAC Security Essentials (GSEC).

• Strong knowledge of security frameworks (e.g., NIST, ISO 27001, COBIT).
• Familiarity with SIEM tools, firewalls, and antivirus systems.
• Proficiency in conducting risk assessments and implementing security controls.

• Excellent leadership and team management abilities.
• Strong analytical, problem-solving, and decision-making skills.
• Effective communication and interpersonal skills to collaborate with diverse stakeholders.

If you want to meet this challenge in a human-sized company, join us!

France

Permanent

ASAP

Apply now:

Upload CV *

Please tick this box if you would like to receive updates with our latest insights, industry trends, and invitations to flagship events. You can unsubscribe from these communications at any time.

By submitting this form you have read and agreed to our privacy policy and you consent to allow BSO to store and process the information submitted on this form.

Social network you want to login/join with:

The following tasks are the main ones (but not limited) to the role:

1. Familiarise and lead the pen test plan for baseline and project pen tests
2. Plan pen tests by quarter and complete required deliverables as required (scoping, SOWs, etc)
3. Work and interact with Application owners to plan and implement tests as needed
4. Work with the Scrum Master for the pen test area to ensure planned tests are factored and agreed such that the necessary PBIs for application owners is in place
5. Lead the complete lifecycle of a pen test from start to completion
6. Work with the third parties to plan resources and costs accordingly
7. Work with the pen test team and the technical people to look at ways to improve the testing in the following areas:
8. Coverage
9. Efficiency of tests (combine SAST & DAST testing with pen test to increase the testing process)
10. Look at ways of automating processes, requests and deliverables to increase efficiency (you are not expected to write the scripts or whatever; just to find opportunities)
11. Run the tri-weekly meetings with the team to handle issues, align tasks and manage resources
12. Work with Applications owners for:
13. Plan tests for the annual baselines and for the quarter pen tests
14. Providing the Intake forms, infra availability, results delivery and I-track allocation
15. Escalate application owners who fail to deliver the required inputs in time to support planned pen tests
16. Work with Third party Providers to:
17. Plan annual pen tests and resources needed
18. Work out any issues arising
19. Provide the Statements of Work and agree the scope
20. Achieve sign-off from 3rd parties to provide the accurate resources and costs that have been agreed
21. Work with management to:
22. Support the reporting of the pen tests and the information needed to support any monthly or quarterly reporting
23. Appraise of any issues and request support where these issues will prevent the execution of a test or tests
24. Provide a forecast and actuals on a monthly basis to track progress.

Why join us

Embark on your new adventure at Euroclear, and work at the heart of the global capital markets. We connect over 2,000 financial institutions across the globe. As an open and resilient infrastructure, we contribute to the stability of the financial markets. We help clients cut through complexity, lower costs, and mitigate risks of financial transactions. At Euroclear, we have the clear ambition to use our key role to facilitate and accelerate a sustainable global financial system.

• Work closely with inspiring, supportive and engaged colleagues from more than 80 different countries.
• Practice your talents in a highly professional international environment.
• Join a learning and development environment with an emphasis on knowledge sharing and training.
• Competitive salary and comprehensive benefits.

Find your own optimal balance within our hybrid working model, where you can connect at the office and also benefit from remote working.

We are committed to creating an inclusive culture that celebrates diversity and strives to be a Great Place to Work for All. All qualified applicants will be considered for employment, regardless of any aspect that makes them unique (including race, religion, national origin, gender, sexual orientation, age, marital status, pregnancy, disability). If you need any specific accommodation due to disability or any other reason, you can let the recruiter know during your application process.

As a global critical financial infrastructure, the protection of Euroclear information and assets is fundamental to the company's business. Security is at the core of our services, firmly embedded in the management systems and processes of the company. You will be joining our Chief Information Security Office (CISO) in charge of putting in place the required controls to adequately and effectively protect our information assets.

Information Security Intern To view the position details and/or apply to a position, click on theView Details link below the Job Title. If you have questions about the application process, please refer to theApplicant FAQ's .Bookmark this Posting Print Preview |Apply for this Job Posting Details

Do you have questions about the application process? If so, please refer to the Applicant FAQ’s.

• Technical Support & Maintenance: ·
  • Assist members of the Information Security Office with incident and service tickets, including creation and updates of runbooks related to tickets.
  • Support the maintenance of the Application Inventory and related processes to automate and ensure the data in this inventory is accurate.
  • Participate with programming to support procedures and automation of processes within the department.
• Threat Management and Analysis
  • Aid with threat hunting by leveraging data from key systems and threat intelligence from various sources.
  • Collaborate and support the vulnerability management process including infrastructure and web application vulnerability management scans.
  • Utilize multiple security tools for vulnerability management, unstructured data analysis, and basic security protocols.
• Documentation, Analysis, and Support:
  • Contribute to the creation and maintenance of documents such as spreadsheets that track, measure, and facilitate improvement of internal processes.
  • Assist with ad hoc projects and initiatives that require analysis and keen desire to learn various tools.
  • Assist with information security awareness activities appropriate for campus audiences

• A current Villanova University undergraduate student studying Computer Science, Electrical & Computer Engineering, Information Security, Criminal Justice, Information Systems, or related field.

• Completion of coursework relevant to the position, such as courses in information technology, cybersecurity, network security, computer science, or related topics, is required.

• Able to maintain confidentiality of security issues
• Excellent attention to detail
• Excellent oral, written, and interpersonal communication skills
• Excellent interpersonal skills with a strong commitment to quality
• Ability to work effectively as part of a highly motivated team

• Microsoft Windows operating systems and processes
• Functional understanding of application, network, database, physical, and system security and related computer technology and concepts
• Stays current and maintains effective level of expertise with technology advances in computer security

• A current Villanova University graduate student studying Computer Science, Electrical & Computer Engineering, Information Security, Criminal Justice, Information Systems, or related field.
• Undergraduate students currently enrolled in Villanova University who are in the process of completing the cybersecurity minor.

• Prior internship or work experience in a technical or security-related role.
• Experience in creating and maintaining documentation to support procedures and processes.

• Web and application security skill
• Vulnerability management and penetration testing skills
• Operating system proficiency (e.g., Microsoft Windows and Linux) and troubleshooting skills

• Knowledge of programming fundamentals
• Operating system concepts and system administration knowledge
• Familiarity with common security tools and technologies, such as vulnerability scanners, SIEM solutions, or network monitoring tools.

• Demonstrated interest in pursuing a career in information security or cybersecurity.

Required fields are indicated with an asterisk (*).

Crit Aéro TERTIAIRE, partenaire des recrutements pour Airbus, pionnier de l'aérospatiale durable pour un monde sûr et solidaire, vous propose un poste de CISO Part IS Support (F / H) à Toulouse. Vous avez une première expérience dans le secteur aéronautique ? L'embarquement approche !

Description du poste

Nos Commandantes de Bord vous expliquent pourquoi rejoindre Airbus : "Airbus est une entreprise renommée dans le secteur de l'aéronautique, reconnue pour son innovation et son expertise. Rejoindre Airbus, c'est intégrer un environnement dynamique et stimulant, où les talents peuvent s'épanouir et contribuer à des projets d'envergure internationale."

Crit Aéro recrute en mission d'intérim un CISO Part IS Support (F / H). Après une préqualification téléphonique, vous serez convié(e) à un entretien pour présenter votre parcours, vos compétences, qualités et votre cadre de recherche.

Voici les attentes pour ce poste :

1. Collaborer avec le département de la gouvernance de la sécurité pour définir le cadre des risques liés à la cybersécurité et la taxonomie des menaces.
2. Dériver le cadre des risques de cybersécurité en modèles de données et le partager avec les parties concernées.
3. Gérer et maintenir les plateformes de gestion des risques de cybersécurité (notamment Risk WatchTower).
4. Collaborer avec d'autres départements de sécurité pour recueillir l'appétit et la tolérance au risque des affaires.
5. Coordonner avec les autorités compétentes sur les questions de risques liés à la cybersécurité.
6. Rassembler et traduire les risques liés à la cybersécurité en ligne avec la gestion des risques d'entreprise (ERM).
7. Suivre en permanence les risques de sécurité et escalader en cas de risques majeurs.
8. Piloter le profilage des risques de sécurité et l'identification des tendances (analyse proactive).

Le salaire de référence est de 59 752 EUR selon profil.

Pour assurer un voyage réussi, il vous faut :

• Une envie, motivation, rigueur et assiduité comme carte d'embarquement.
• Un diplôme idéalement BAC+5, maîtriser l'anglais à l'oral et à l'écrit, l'italien serait un plus.
• Une expérience de 5 à 10 ans dans l'industrie aéronautique, avec une expertise en cybersécurité et expérience en projet IT.

Si vous avez tout lu, n'oubliez pas le nom de code : "Embarquement immédiat pour Airbus".

Tous nos postes sont ouverts aux candidats en situation de handicap.

Informations supplémentaires

• Expérience requise : 5 à 10 ans

Join to apply for the Chief information security officer role at Kbrw

Join to apply for the Chief information security officer role at Kbrw

Get AI-powered advice on this job and more exclusive features.

Our mission

We are living in exciting times where technology and digital transformation improve and disrupt businesses and their supply chains on a daily basis. At Kbrw, we’re disrupting the tech supply chain, and we aim to facilitate this transformation through high-performing software, driving our consistent growth. And guess what? You can help us achieve our vision!

Born in 2009, we are a leading European SaaS company on a mission to build robust, high-quality long-lasting projects. Our high performance cloud-native flagship solutions, such as Order Management System (OMS) and Warehouse Management System (WMS), helps complex businesses implement new omnichannel operations, orchestrate critical business processes, and improve customer promises across all business channels. We meet the highest IT requirements by achieving performance, robustness, configurability, easy integration, while also mitigating IT risks.

Kbrw is self-founded and has grown significantly over the last five years, with a 30% increase in its headcount and its revenue every year. Our solutions are already used by height CAC40 companies and deployed in over 16,000 sales outlets in more than 120 countries, managing a total transaction value exceeding 30 billion euros!

With offices in Paris, Bordeaux, Lille, Clermont-Ferrand, Barcelona and Shanghai our reach is global and we aim to be 200+ employees by 2025!

Let’s talk about our Security Team

Our cybersecurity team is backed by an ISO27001-certified policy framework. We maintain structured pentesting cycles and a standardized incident management process. A skilled security engineer supports day-to-day operations and we have access to cross-functional partners across IT, DevOps and Delivery teams. With clear protocols and mature response plans in place, the team focuses on continuous improvement and practical security enhancements. Together, we ensure reliable protection while enabling business innovation.

What will I be doing?

• Develop and implement comprehensive risk management processes aligned with Kbrw objectives.
• Create, update, and enforce cybersecurity policies in compliance with ISO27001, NIS2, SOC2.
• Respond to security-related RFPs and collaborate on contractual and technical proposals.
• Monitor security metrics, SOC operations, and emerging threats for proactive defense.
• Manage vulnerability assessments and pentests, coordinating remediation across infrastructure and applications.
• Define technical security requirements and support to ensure secure product and projects delivery.
• Deploy and administrate security tools, ensuring optimal configuration and integration.
• Plan and oversee security audits and remediation action plans.
• Design and deliver security training and awareness for all employees.
• Lead incident response procedures, business continuity planning, and crisis management exercises.
  
  

• 3+ years leading security teams
• CISSP, CISM or ISO 27001 Lead Implementer certifications would be preferred.
• Proven track record in risk management and compliance (ISO 27001, NIS2, SOC2).
• Hands-on experience with incident response and vulnerability management
• ISO 27001 implementation and audit methodologies
• NIS2, SOC 2 and GDPR compliance frameworks
• Develop enterprise cybersecurity strategy and multi-year roadmap
• Govern and manage cyber and third-party risk portfolios
• Create security budgets and ROI analyses, including financial forecasts and business cases
• Provide executive reporting and lead board-level security committees
• Build threat intelligence programs and conduct proactive cyber monitoring
• Implement security KPIs and performance dashboards
• Lead business continuity planning and high-level cyber crisis response
• Oversee supply chain security and assess third-party vendor risks
• Penetration testing
• Secure coding standards enforcement
  
  

• Familiarity with Chinese cybersecurity regulations (e.g. CCPS, MLPS, etc.)
• Hands-on exposure to SIEM and SOAR platforms
• Knowledge of secure cloud architecture
  
  

• An attractive compensation package:
• A transparent remuneration policy: from software developers to department heads.
• Participation in profits in France via the profit-sharing system
• Possibility of bonuses based on your results
• Family-friendly work-life balance: 2 days remote policy
• Meal allowance with Swile (€9.5 daily)
• ️ Private healthcare provided by AXA (100% covered by Kbrw for you and your family)
• Access to Leeto perks: theater, opera, sports clubs, concerts, festivals, trade fairs, etc.
• Work in an international, dynamic, and passionate environment with a company culture focused on learning and development:
• Software engineers' training: our developers undergo a one-month training in Elixir and React with a complete internal and certified training (Qualiopi)
• Personal development plan: each employee has an personal development plan established by their manager to integrate quickly and progress within the company
• Manager training: our managers are trained by our HR team and management experts to help provide the best managerial experience for their teams
• A structured and mature management process: our management approach is structured through well-defined processes via Lattice, an HR management platform
• Opportunities to grow fast: responsibilities and promotions are discussed twice a year during two performance reviews
• ️ Kbrw cares about our teams: we have been labeled a “Great Place to Work” for 2024/2025
  

• First meeting with Hari to get to know each other - 45 min
• A technical visio interview with Regis and Tommy (Security Expert) - 1 hour
• A last interview on site with Arnaud (CTO) and Alexandre (Chief of Staff) - 1 hour
  
  

• Seniority level Executive

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Kbrw by 2x

Neuilly-sur-Seine, Île-de-France, France 2 weeks ago

Neuilly-sur-Seine, Île-de-France, France 2 weeks ago

Neuilly-sur-Seine, Île-de-France, France 2 weeks ago

Houilles, Île-de-France, France 2 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

A propos de l'entreprise

A propos de l'entreprise :

Crit Aéro TERTIAIRE, partenaire des recrutements pour Airbus, pionnier de l'aérospatiale durable pour un monde sûr et solidaire, vous propose un poste de CISO Part IS Support (F / H) à Toulouse. Vous avez une première expérience sur le secteur Aéronautique ? L'embarquement approche. Le saviez-vous : en 10 ans, le pourcentage de femmes occupant un poste dans l'Aéronautique est passé de 18% à 23% selon le Gifas. Embarquez avec nous et laissez-vous guider !

A propos du poste :

Nos Commandantes de Bord vous expliquent pourquoi rejoindre Airbus : "Airbus est une entreprise renommée dans le secteur de l'aéronautique, reconnue pour son innovation et son expertise. Rejoindre Airbus, c'est intégrer un environnement dynamique et stimulant, où les talents peuvent s'épanouir et contribuer à des projets d'envergure internationale." Nous nous engageons pour un long voyage, Crit Aéro recrute en mission d'intérim un CISO Part IS Support (F / H). Pour préparer ce voyage, « après une pré qualification téléphonique, vous serez convié(e) à un entretien où vous aurez l'occasion de présenter votre parcours, vos compétences / qualités et votre cadre de recherche »

On vous dit tout ! Faisons escale sur votre plan de vol et les attentes de ce poste :

• Collaborer avec le département de la gouvernance de la sécurité pour définir le cadre des risques liés à la cybersécurité et la taxonomie des menaces.

• Dériver le cadre des risques de cybersécurité et la taxonomie des menaces en modèles de données et les partager avec les parties prenantes concernées.

• Gérer et maintenir les plateformes de gestion des risques de cybersécurité (notamment Risk WatchTower).

• Collaborer avec d'autres départements de sécurité pour collecter l'appétit pour le risque et la tolérance spécifique au risque des affaires.

• Coordonner et collaborer sur les questions de risques liés à la cybersécurité au sein d'Airbus et avec les autorités compétentes.

• Rassembler les sources de données, gérer et traduire les risques liés à la cybersécurité en lien avec la gestion des risques d'entreprise (ERM).

• Suivre en permanence les risques de sécurité et escalader au département de gestion de crise en cas de risques majeurs.

• Piloter le profilage des risques de sécurité à l'échelle de l'entreprise et l'identification des tendances (analyse proactive).

Le Salaire de référence est de 59 752 EUR selon profil

Profil recherché :

Our mission

We are living in exciting times where technology and digital transformation improve and disrupt businesses and their supply chains on a daily basis. At Kbrw, we’re disrupting the tech supply chain, and we aim to facilitate this transformation through high-performing software, driving our consistent growth. And guess what? You can help us achieve our vision!

Born in 2009, we are a leading European SaaS company on a mission to build robust, high-quality long-lasting projects. Our high performance cloud-native flagship solutions, such as Order Management System (OMS) and Warehouse Management System (WMS), helps complex businesses implement new omnichannel operations, orchestrate critical business processes, and improve customer promises across all business channels. We meet the highest IT requirements by achieving performance, robustness, configurability, easy integration, while also mitigating IT risks.

Kbrw is self-founded and has grown significantly over the last five years, with a 30% increase in its headcount and its revenue every year. Our solutions are already used by height CAC40 companies and deployed in over 16,000 sales outlets in more than 120 countries, managing a total transaction value exceeding 30 billion euros!

With offices in Paris, Bordeaux, Lille, Clermont-Ferrand, Barcelona and Shanghai our reach is global and we aim to be 200+ employees by 2025!

Our cybersecurity team is backed by an ISO27001-certified policy framework. We maintain structured pentesting cycles and a standardized incident management process. A skilled security engineer supports day-to-day operations and we have access to cross-functional partners across IT, DevOps and Delivery teams. With clear protocols and mature response plans in place, the team focuses on continuous improvement and practical security enhancements. Together, we ensure reliable protection while enabling business innovation.

• Develop and implement comprehensive risk management processes aligned with Kbrw objectives.

• Create, update, and enforce cybersecurity policies in compliance with ISO27001, NIS2, SOC2.

• Respond to security-related RFPs and collaborate on contractual and technical proposals.

• Monitor security metrics, SOC operations, and emerging threats for proactive defense.

• Manage vulnerability assessments and pentests, coordinating remediation across infrastructure and applications.

• Define technical security requirements and support to ensure secure product and projects delivery.

• Deploy and administrate security tools, ensuring optimal configuration and integration.

• Plan and oversee security audits and remediation action plans.

• Design and deliver security training and awareness for all employees.

• Lead incident response procedures, business continuity planning, and crisis management exercises.

• 3+ years leading security teams

• CISSP, CISM or ISO 27001 Lead Implementer certifications would be preferred.

• Proven track record in risk management and compliance (ISO 27001, NIS2, SOC2).

• Hands-on experience with incident response and vulnerability management

• ISO 27001 implementation and audit methodologies

• NIS2, SOC 2 and GDPR compliance frameworks

• Develop enterprise cybersecurity strategy and multi-year roadmap

• Govern and manage cyber and third-party risk portfolios

• Create security budgets and ROI analyses, including financial forecasts and business cases

• Provide executive reporting and lead board-level security committees

• Build threat intelligence programs and conduct proactive cyber monitoring

• Implement security KPIs and performance dashboards

• Lead business continuity planning and high-level cyber crisis response

• Oversee supply chain security and assess third-party vendor risks

• Penetration testing

• Secure coding standards enforcement

• Familiarity with Chinese cybersecurity regulations (e.g. CCPS, MLPS, etc.)

• Hands-on exposure to SIEM and SOAR platforms

• Knowledge of secure cloud architecture

• An attractive compensation package:

  • A transparent remuneration policy: from software developers to department heads.

  • Participation in profits in France via the profit-sharing system

  • Possibility of bonuses based on your results

• Family-friendly work-life balance: 2 daysremote policy

• Meal allowance with Swile (€9.5 daily)

• Private healthcare provided by AXA (100% covered by Kbrw for you and your family)

• Access to Leeto perks: theater, opera, sports clubs, concerts, festivals, trade fairs, etc.

• Work in an international, dynamic, and passionate environment with a company culture focused on learning and development:

  • Software engineers' training: our developers undergo a one-month training in Elixir and React with a complete internal and certified training (Qualiopi)

  • Personal development plan: each employee has an personal development plan established by their manager to integrate quickly and progress within the company

  • Manager training: our managers are trained by our HR team and management experts to help provide the best managerial experience for their teams

  • A structured and mature management process: our management approach is structured through well-defined processes via Lattice, an HR management platform

• Opportunities to grow fast: responsibilities and promotions are discussed twice a year during two performance reviews

• Kbrw cares about our teams: we have been labeled a Great Place to Work for 2024/2025

• First meeting with Hari to get to know each other - 45 min
• A technical visio interview with Regis and Tommy (Security Expert) - 1 hour
• A last interview on site with Arnaud (CTO) and Alexandre (Chief of Staff) - 1 hour

Kbrw is an equal opportunity employer. We believe diversity is a strength and fosters innovation. We are dedicated to fostering an environment where everyone feels both included and appreciated. Our commitment extends to providing fair consideration to all qualified applicants, irrespective of age, color, family background, gender identity, marital status, national origin, physical or mental ability, pregnancy, sexual orientation, social background, or any other characteristic protected by relevant laws.

We currently have a vacancy for an Information Security Compliance Officer , fluent in English, to offer his/her services as an expert who will be based in Strasbourg, France. The work will be carried out either on the company's premises or on site at customer premises. In the context of the first assignment, the successful candidate will be integrated into the Development team of the company that will closely cooperate with a major client's IT team on site.

Tasks:

• Implementation and monitoring of action plans following audits (risk analysis, application audit, internal audit);
• Management of the budget dedicated to information security;
• Management of the renewal of the solution park;
• Creation of calls for tenders and drafting of business cases;
• Replacement of the daily activities of the security manager, in case of absence;
• Crisis monitoring, participate in the prioritization of actions, monitoring of communication;
• Monitor and supervision of security audits and ensure risk analysis;
• Daily security management, regular contact with users and supervision of the "six-eyes-principle";
• Provide user training and creation and updating of e-learning;
• Creation of phishing campaigns and other awareness campaigns;
• Operation of software and security solutions;
• Creation and updating of the security documentation corpus (policies, procedures, guides);
• Regulatory and technical security monitoring.

• Bachelor's degree in IT, preferably in computer science, combined with minimum 5 years of relevant working experience in IT;
• Experience in implementation and monitoring of action plans following audits (risk analysis, application audit, internal audit);
• Experience in security in the context of application and infrastructure projects;
• Experience in monitoring and supervision of security audits (at least 2 per year);
• Experience with Qualification of security solutions and Qualifications of security alerts (SOC/EDR/SIEM) and security tickets;
• Experience in creating calls for tenders and drafting of business cases;
• Experience in risk analysis, crisis monitoring and regulatory and technical monitoring;
• Experience in security management and regular contact with users and supervision of the six-eyes-principle;
• Proven skills in Project Management, Team Management and Budget Management;
• Knowledge of security standards (e.g. ISO27k/EBIOS RM/etc.);
• Excellent command of the English language, and good knowledge of the French language.