Cybersecurity Officer

The Cybersecurity Officer is responsible for:

Participating to the definition and implementation of the IT security strategy and policies under the coordination of Cybersecurity leader

Ensuring Cybersecurity compliance of IT Operations across all regions with the business requirements

Controlling and reporting permanently the IT operations activities compliance based on the related security requirements

Connecting with local regulations and overseeing the data protection within the organization

Cybersecurity communication, leading investigations and audits, awareness training for all PR employees

Analyzing permanently risks and reporting to the Head of Cybersecurity

Providing cybers security technical support Level 2/Level 3

The main responsibilities are:

IT Operations security policies, standards and procedures

Contributing to the global security strategy and policies definition and implementation

Overseeing and controlling the information security policy and data protection policy implementation

Contributing to the definition and implementation of Business Continuity Plan and Disaster Recovery Plan by collaborating with other stakeholders within IT Operations and Business

Ensuring the alignment between the defined procedures and security management tools and the security & objectives

Contributing to the communication of security policies, standards and procedures of IT Operations to internal and external stakeholders

Security compliance control and reporting

Analyzing SOC reporting for compliance monitoring and bringing recommendations or alarming top management about IT security flaws

Rolling out IT Operations security risk evaluation and impacts analysis

Raising alarms to Cybersecurity leader, management team and related business/subsidiaries whereas a severe incident impacting the IT security is detected

Reporting to the Cybersecurity leader and the Group Security Steering Committee the status of the security maturity with action plan or remediation plan

Contributing the internal and external audits

Coordination and IT security monitoring

Coordinating and following up remediation plans implementation with key indicators

Participating to the internal and external events related to the information security

Connection with local Cybersecurity policies, requirements and regulations

Understanding the local cybersecurity policies, requirements and regulations about security, data protection and data privacy regulations

Ensuring the cybersecurity compliance of IT Operations with the local requirement

Responsible for the IT Operations security communication content preparation, validation and distribution to all stakeholders (internal and external)

Ensuring the definition and roll out of communication and awareness training plan/program towards all PR employees and their consistency

Technology watching

Following up security evolutions, major trends and best practices on technology, solutions and regulations

Working closely with security vendors on new types of cyber-crime or computer viruses to help the IT Operations keep the security systems up to date

Cyber security technical support

Contributing to critical incidents, crisis management and mitigation plans

Providing technical support Level 2/Level 3

The profile required is:

Education required: BAC+5 (engineering or business school / university specialized of information security and/or telecom, information system and network security, security, information encryption and coding, …)

Experience / Background:

5 + years of experience in a related area

Must have experience dealing with various levels within company

Proven track record of institutionalizing leading-practice methodologies and processes

Specific Expertise: Auditor/Lead Auditor ISO 27001 Implementer/Lead ISO 27001