Description
Role: Cybersecurity ConsultantLocation : France- Lille and Paris
French speaking is mandatory.
About the Requirement:
This high profile bank has a cybersecurity unit that supports several internal client entities and their CISOs. It has the following strategic objectives:
• Ensure operational services of excellence: IT security and operational risk control, quality of IT production and sustainability of IT
• Deliver innovative, customer oriented IT solutions to build the relational and digital bank of tomorrow
• Improve operational efficiency, in response to agility and time to market challenges, and optimize ITcosts
The hiring Department supports the following activities:
• Monitor the security of the business units information (policy, incidents, security projects, risk analyzes, employee awareness, controls…)
• Monitor operational risks (audit follow-up, risk assessments, operational losses)
• Enable the BCP of the department.
Responsibilities of the Cybersecurity Risk Consultant:
In this context, the Cybersecurity Risk Consultant role is to contribute to:
- Contribute to overall business of the department and be a trusted team player
- Monitoring of security policy by projects:
o Leading risk analyses
o Documenting requirements and results
- Monitor operational activities:
o Processing derogations for projects
o Assess security of key suppliers
- Lead on the spot risk analyzes on specific topics
- Contribute define standard and security procedures
- Improve in-house risk analysis methodologies (based on ISO 27005/EBIOS)
In addition:
- Analysis of the level of security of private bank platform and applications France by providing security analysis standards
- Support security reviews during contracts, support provider security insurance plans
- Monitor security policies or rules for improvement opportunities afterannual review or deliverables and methodologies
Sample deliverables:
- Flash risk analysis,
- Security requirements questionnaire,
- Documents: policies, instructions, rules,
- Follow-up reports of assigned work with specific status of progress of each themes
- Support and monitoring of the portfolio of ITIM/transverse projects
MANDATORY SKILLS –Please list skills/experience on which Panel will be screening
Skills Desired:
Information security (mandatory), ISO 27001 knowledge, Masters degree in information security / cybersecurity or Masters degree in IT management with a specialization in IT audit or IT risk management.
Information security risk assessments, ISO 27005 Risk Manager certification (mandatory), practice of at least one security risk assessment methodology, such as EBIOS
Penetration testing (desirable, fundational)
French native level speaking, also able to lead business English conversations
Located in Lille or in Paris, with an interest for an international environment and cutting edge technologies
• Experience Level:
1 to 5 years of experience in cybersecurity
Location – France- Lille and Paris