Information Security Manager > Noisiel > Joboolo FR :
Société : XBP Europe Lieu : Noisiel
You will be an expert and point of escalation for all information technology (IT) security related aspects for the services created by XBP and provided to XBP's clients.
You will provide guidance on how to implement technical control and achieve compliance to the related InformationSecurity controls.
Key Responsibilities:
Acting as a point of escalation for IT Security issues and exceptions Ensuring effective and efficient communication, coordination and implementation of Security requirements and decisions Being responsible for the adoption of centrally mandated Security Solutions and the maintenance of technical security documentation and compliance to security controls Acting as the recognized expert for InformationSecurity policies and procedures and their implementation in relation to technologies created by XBP and supplied to its clients Spearheading independent reviews of IT Security Controls, prioritizing identified issues and assessing remediation actions for quality, considering the optimal cost-risk ratio as well the strategically optimal resolution (e.g.
InformationSecurity control evaluation and respective follow up activities) Verifying remediation concepts for critical and systemic issues and monitoring their execution according to plan Partnering with key stakeholders to act as mediator and subject matter expert for them on Information Technology Security topics.
Ensuring a common understanding of Information Technology Security risks and their implications for XBP and its clients Staying abreast of new cyber security threats and technology as well as changes in the business or legal / regulatory environment and supporting and advising Senior Management of potential impact Supporting the Development Lifecycle to ensure Ensuring implementation and compliance to IS controls and on-boarding to central control processes and central security solutions Ensuring the existence of all required IS artifacts e.g.
Key Operating Procedures, access concepts, roles, entitlement descriptions, end-to-end application and technical documentation Facilitating a regular communication and cooperation with all relevant stakeholder and functions Skills & Qualifications:
Rounded knowledge and experience of all the following InformationSecurity processes:
Application and Infrastructure Security, Identity and Access management, InformationSecurity Incident and Problem Management, InformationSecurity Governance for business and technology, InformationSecurity Risk Management Expert knowledge of InformationSecurity Principles, Policies and Procedures Profound experience in business and IT processes and respective InformationSecurity requirements Extensive experience with implementation of InformationSecurity Principles to development and delivery of software and hardware solutions An excellent and inspiring team leader, able to manage virtual teams of senior experts in a global organization Educated to degree level in InformationSecurity (or equivalent qualification / work experience) Knowledge about following frameworks, guidelines, best practices and regulations are MUST, for example - NIST, CIS, GDPR, ISO, PASSI, PCIDSS.
Comprehensive knowledge about Data Security Standards of France and EU regulations, ENISA guidelines including EU AI Act is mandatory.
Candidates should have either of these certifications - CEH, CISSP, CISM, CISA, CRISC.
