Data Protection and Information Security Officer Assistant > A2MAC1 - Decode the future > Joboolo FR :
Société : A2MAC1 - Decode the future Lieu : Boulogne-Billancourt
The DPO & IS OfficerAssistant supports the DataProtection and InformationSecurityOfficer in implementing and maintaining the organization's dataprotection and security policies.
The assistant will help to ensure that our company's data and information assets are protected from unauthorized access and comply with privacy laws.
His scope covers all security assurance activities related to the availability, integrity and confidentiality of customers, business partners, employees, suppliers, contractors and business information in compliance with the organization's informationsecurity policies.
A key element of the DPO & ISO Assistant role is working with company business teams, HR, Finance and corporate legal to determine acceptable levels of risk for the organization.
This position is responsible for enabling and supporting the establishment and maintenance of the corporate-wide informationsecurity management program and working with operation security team to ensure that all information related assets are adequately protected.
TASKS & RESPONSABILITIES Key Responsibilities Assist in the development and enforcement of security policies and procedures.
Coordinate with IT departments to implement security measures and conduct regular system audits.
Support the DPO in monitoring compliance with GDPR and other dataprotection laws.
Help in conducting risk assessments and data impact analysis.
Facilitate security training sessions for staff to raise awareness about dataprotection.
Assist in managing security incidents and breaches, including documentation and reporting.
Keep abreast of the latest security trends, threats, and regulatory changes.
DataProtection and InformationSecurity Governance and Risk Management Under the direction of the DPO & ISO, help develop, maintain and monitor a strategic, comprehensive enterprise informationsecurity and IT risk management program.
Work directly with the business units to facilitate risk assessment and risk management processes to establish and manage a company risk register.
Assist with the overall business technology planning, providing a current risk viewpoint and knowledge and future vision of technology and systems in the product innovation and development processes.
Partner with business stakeholders across the company to communicate and deploy company policies updates and raise awareness of risks and security related concerns to deliver cyber awareness program.
DataProtection and InformationSecurity Compliance and Control Manage and lead implementation of company security compliance programs such as GDPR, CCPA or PIPL, TISAX certification, ISO 27001, NIST/NIST CSF or SOC 2 type 2 compliance frameworks.
Audit, control and validate acceptable risks and compliance of company processes, cloud, application and infrastructure changes, company suppliers and contractors services and be force of proposal to meet security and performance standards.
Understand and interact with related disciplines through committees to ensure adequate governance and the consistent application of policies and standards across all company processes, projects, systems and services.
Work on Sales enablement by assisting Customer Service Delivery and Sales / Business development teams to promote our company and datasecurity maturity of our products and services in front of our customers and prospects.
This includes maintaining a security portal with marketing grade Security Assurance Plan and prefilled Cloud Star Alliance CAIQ / NIST CSF security questionnaires.
KEY MEASURES & INDICATORS (main KPIs used in the role) Security governance metrics, incidents, threat level and risk exposure ISMS deployment coverage including security awareness ratios GDPR and TISAX compliance, ISO 27001, NIST CSF and external audits from customers and company owners PROFILE REQUIRED Certifications Bachelor's degree in Information Technology, Cybersecurity, or a related field.
Professional security management certifications such as CISSP, CISM, or equivalent are highly desirable.
Professional Background Minimum of 5 years of proven and successful experience in a combination of risk management, informationsecurity and IT jobs with international exposure Understanding of informationsecurity principles and dataprotection regulations.
Familiarity with cybersecurity frameworks (e.g., ISO 27001, NIST).
Strong analytical and problem-solving skills.
Excellent communication and interpersonal abilities.
Ability to handle confidential information with discretion.
Proficient in using security software and tools.
Experience in automotive or industrial business is a plus.
Skills & Abilities MUST-HAVES Professional English at business negotiation proficiency, both written and oral.
Experience with dataprotection impact assessments (DPIA).
Knowledge of IT audit strategies and frameworks.
Advanced skills in Cybersecurity, Microsoft 365, Azure Cloud and Windows technologies â??Team Playerâ? attitude with excellent organizational skills and proven ability to leverage internal resources.
Knowledge of various IT and business functions, software development processes.
Experience and skills in Solution Architecture and PMO / project portfolio management.
Need to be able to develop status reports for external and executive stakeholders.
Capacity to work with an agile methodology.
Technical writing / documentation skills with passion.
NICE-TO-HAVES Professional French and/or German or Chinese.
A2MAC1 - Decode the future Boulogne-Billancourt Expérience souhaitée
