EXPRESS UNION is looking as part of its activities for 01 System Security Service Manager.
Organization : Express Union GROUP SA
Activity : Management of securities portfolio, Acquisition of holdings, Acquisition and management of buildings Legal form Public limited company Dependence on the hierarchy ASSISTANT DIRECTOR OF PERMANENT CONTROL AND RISKS
- Define the risk management policy relating to the information system;
- Ensure the security of data and systems;
- Define information system security requirements.
Main Duties and Responsibilities
- Define information security governance within the Group (including viral policy);
- Define and manage the information security system including the backup plan;
- Develop the master plan for the Group’s information systems;
- Ensuring respect for the rights to the protection of personal data;
- Communicate and train staff on information security issues;
- Define the risk treatment plan and the associated security measures;
- Ensure the technological, regulatory and legal watch on the information system and the benchmarking of good practices;
- Map technical and functional risks and estimate their criticality;
- Analyze and understand the origin of a malfunction, incident or accident occurring in the information system;
- Analyze insurance contracts covering IT risks;
- Evaluation of information system security costs and development of an information system security budget;
- Develop information system security procedures;
- Contribute to the design of control procedures for essential operational functions outsourced to technical partners;
- Ensure the permanent control of activities relating to information systems;
- Ensure compliance with the provisions of the charter for the use of IT resources.
- Approval in applications: All business applications
- Technical incident resolution time;
- Number of major incidents;
- Computer system availability;
- Deadline for setting up the master plan;
- Number of successful attacks on Express Union’s computer system.
Qualification required : A minimum higher education level of BAC+3 in information systems or similar training.
- Excellent knowledge of the operation of computer systems and the security of information systems;
- Have a good knowledge of ISO 9001 standards on quality management, ISO 31000 on risk management, ISO 27000 on IT security and the ITIL standard on information systems management;
- Have a good knowledge of ISO 22 301 and 37 500, CMMI, COBIT and ISAE 3402 standards;
- Good knowledge of IT law.
- Strong analytical capacity;
- Ease in the use of the company’s business software;
- Excellent writing skills and spirit of synthesis;
- Great organizational capacity;
- Ability to study and build open relationships with new applications;
- Knowledge of computer security techniques.
- Strong ability to adapt to changes;
- Excellent listening, coaching and sharing skills;
- Ability to adapt his speech to his interlocutor;
- Ability to work under pressure;
- Thorough knowledge of French and satisfactory knowledge of English.
HOW TO APPLY?
Files expected at the addresses: firstname.lastname@example.org and email@example.com