Description
Our client is a leading Telecoms company. We are looking for an IT Security officer to propose improvements to processes, procedures and policies in the security domain.
Reporting in to the Architecture & Security Manager your role will include:
*Produces the requirements set by business and for IT controls especially on security, data privacy and regulatory compliance.
*Produces security risk assessment and recommends IT security controls to reach risk levels agreed with various stakeholder
*Supports the organization's reference IT security architecture, its evolution and the selection of new security components
Supports the regulatory compliance of sourcing initiatives and manages all sourcing-related risks.
This role will address the implementation of security:
*Participates to IT Security Strategy activities and defines policies, guidelines and practices in line with Orange Group. Supports the implementation and application by all departments, business as well as technical.
*Proposes some continuous security improvement for security processes.
*Supports that the required security measurements are implemented and that regular checks happen: security assessment of projects (TTM & iTTM), vulnerabilities management & risk analysis and audit & control activities. Ensures SOX compliancy and introduces ISO27001 best practices
*Participates to define and maintain the Architecture for his/her specific domain (Security Architecture). *The Architecture blueprint is consolidated in the IT Master Plan and Architecture Policies, Standards and Guidelines.
*Works closely with the outsourcing partner Security Officers to build a joined view of the IT Architecture that will fulfil the security objectives.
*Enforces Security rules and policies in project design.
*He/she will be a key contributor in project solution design.
*He/she will therefore work in close collaboration with the Domain Managers and the project teams.
Experience:
-Deep technical knowledge including security in the cloud, data privacy and compliance
-Analytical skills
-GDPR knowledge is an asset
-ISO2700x framework knowledge is very important
-Bring security by design principles to project/program managers in the business requirements design phase
-Convincing; ability to clearly and transparently explain and justify his/her decisions
-Detail oriented
-Is an internal expert and a referent for his specific domain
-Ability to implement specific rules (eg security) internally and externally (partner)
-General understanding of the Business
-Good understanding of the security capabilities
-Improve the maturity of this Security practice in our company
Please send your CV now to be considered for this role as interviews will take place next week