Security Policies and Standards Specialist (ISO 27001) - French Mandat

Brussels  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Description

Global Security - Police and normative framework Coordinator

Role:

As an Policy and normative framework Coordinator you will carry the following responsibilities:

Maintain Information Security Policy:

  • Keep the Information Security Policy set in line with the authoritative sources (laws, regulations, contractual obligations and Group requirements)
  • Capture and analyse the feedbacks from the field (1st line implementers, Risk Assessors) in order to improve the Global Security Policy set
  • Ensure that the policy requirements are clear and non-ambiguous
  • Ensure and consolidate the efficiency and effectiveness of the Global Security Policy set
  • Get the policies validated by the Global Security Community and then approved by the Top Management

Manage Global Security Normative framework:

Establish, maintain and supervise the implementation of the necessary processes for:

  • maintaining and approving the Global Security Policy set
  • managing the Global Security Standards
  • ensuring the End-to-End compliance and traceability in the Global Security Normative framework (from the Authoritative Sources to the operational implementation)
  • managing the non-compliances

Ensure appropriate Statement Of Applicability

Based on a good knowledge of the bank processes, entities, assets, and a personal network within the bank:

  • Identify affected assets and processes;
  • Attribute implementation responsibility;
  • Get implementers' acceptance on the attributed implementation responsibilities;

Perform Legal & Regulatory Watch

  • Ensure that all GS related authoritative sources are captured
  • Perform gap analysis to ensure that missing elements are integrated when & where relevant
  • In collaboration with Legal determine the applicability of the source to the bank
  • Maintain an traceable inventory

Education:

  • University degree in IT or science or an engineering degree, with a strong IT background or proven equivalent experience/skills in the area.

Languages:

English: Fluent
French and/or Dutch: Asset

Required knowledge/Experience:

  • 3-5 years of experience in information security, in IT process management,
  • Good understanding of IT security technology and processes (secure networking, web infrastructure, Wintel, UNIX, Mainframe, ATM, etc.);
  • Certifications in ISO27k Information Systems Security Professional CISSP, CISA;
  • 2-5 years' experience in developing and maintaining policies and/or processes (preferably in IT area).
  • Experienced with regulatory requirements, ISO/IEC standards (eg: 27001 Information Security Management Standard)
  • Tools: advanced knowledge and use of Office suite, relevant, Group tools, SharePoint,
  • Coordination of/collaboration with externals resources
  • Working experience with colleagues of BNPP Group ( Paris ) & ready to travel on ad hoc basis
  • Certified ISO27001 Lead Implementer
  • Experience in designing and implementing controls
  • Knowledge of GRC Tools such as RSA Archer eGRC Suite;
  • Project Management/coordination skills (Ability to run projects averaging days mostly intra-team).
  • 2-5 years' experience in IT, Information Security environments
  • Capability to quickly understand end-to-end process flows and control needs.
  • Experience in creating memos to the attention of senior management level.
  • Preference will be given to candidate that have a good knowledge/practical experience of different bank entities/processes if possible

Soft skills:

  • Strong and proven Communication, Listening and Convincing skills with a customer oriented mind-set.
  • Ability to work in a dynamic and multi-cultural environment with a strong team spirit;
  • Quick self-starter, pro-active attitude
  • Accuracy and clarity in writing skills
  • Flexible and open to change and innovation
  • Good analytical and synthesis skills
  • Autonomy, commitment and perseverance
  • Ability to manage time and priorities efficiently and to work under stress;
  • Results oriented;
Start date
ASAP
Duration
6months +
(extension possible)
From
Base 3
Published at
15.10.2016
Project ID:
1221198
Contract type
Freelance
To apply to this project you must log in.
Register