Cybersecurity Officer

Position purpose:

The Cybersecurity Officer is responsible for:

• Participating in the definition and implementation of the IT security strategy and policies under the coordination of the Cybersecurity leader.

• Ensuring Cybersecurity compliance of IT Operations across all regions with the business requirements.

• Controlling and reporting on the IT operations activities compliance based on the related security requirements.

• Connecting with local regulations and overseeing data protection within the organization.

• Cybersecurity communication, leading investigations and audits, and awareness training for all PR employees.

• Analyzing risks and reporting to the Head of Cybersecurity.

• Providing cybersecurity technical support Level 2/Level 3.

The main responsibilities are:

IT Operations security policies, standards and procedures

• Contributing to the global security strategy and policies definition and implementation.

• Overseeing and controlling the information security policy and data protection policy implementation.

• Contributing to the definition and implementation of Business Continuity Plan and Disaster Recovery Plan by collaborating with other stakeholders within IT Operations and Business.

• Ensuring alignment between the defined procedures and security management tools and the security objectives.

• Contributing to the communication of security policies, standards, and procedures of IT Operations to internal and external stakeholders.

Security compliance control and reporting

• Analyzing SOC reporting for compliance monitoring and making recommendations or alarming top management about IT security flaws.

• Rolling out IT Operations security risk evaluation and impacts analysis.

• Raising alarms to the Cybersecurity leader, management team, and related business/subsidiaries when a severe incident impacting IT security is detected.

• Reporting to the Cybersecurity leader and the Group Security Steering Committee the status of security maturity with an action plan or remediation plan.

• Contributing to internal and external audits.

Coordination and IT security monitoring

• Coordinating and following up on remediation plans implementation with key indicators.

• Participating in internal and external events related to information security.

Connection with local Cybersecurity policies, requirements and regulations

• Understanding local cybersecurity policies, requirements, and regulations about security, data protection, and data privacy.

• Ensuring the cybersecurity compliance of IT Operations with local requirements.

Communication, training & awareness

• Responsible for the IT Operations security communication content preparation, validation, and distribution to all stakeholders (internal and external).

• Ensuring the definition and roll-out of communication and awareness training plan/program towards all PR employees and their consistency.

Technology watching

• Following up on security evolutions, major trends, and best practices on technology, solutions, and regulations.

• Working closely with security vendors on new types of cyber-crime or computer viruses to help IT Operations keep security systems up to date.

Cybersecurity technical support

• Contributing to critical incidents, crisis management, and mitigation plans.

• Providing technical support Level 2/Level 3.

The profile required is:

• Education required: BAC+5 (engineering or business school/university specialized in information security and/or telecom, information system and network security, security, information encryption, and coding).

• Experience / Background:

  • 5+ years of experience in a related area.

  • Must have experience dealing with various levels within the company.

  • Proven track record of institutionalizing leading-practice methodologies and processes.

  • Specific Expertise: Auditor/Lead Auditor ISO 27001 Implementer/Lead ISO 27001.

  • Language required: Fluent in English.

Job Posting End Date:

Target Hire Date: 2021-09-01-07:00

Target End Date: