Information Security Officer
|Angajator:||Societe Generale European Business Services (SG EBS)|
|Nivel job:||> 5 ani experienta|
Information Security Officer
Define, implement and monitor SG EBS information security policies and framework according to Group and RESG standards taking into consideration the best standards of the Group.
Your Role in a Nutshell
- Participates in the identification of the information security risks through the analysis of the information received from operational or functional persepective;
- Play a vital role to help business lines identify, measure, control & mitigate risk exposures on a continuous basis;
- Define methods and structures: for informationa security risk management;
- Manages the structural exercises (collection of losses, scenario analysis, Risk and Control Self Assessment, KRIs), s/he issues proposals as regards to organization, governance and resources, s/he proposes improvements of procedures and evolutions of computing tools;
- Control & reporting: Collects and retransmits the risks data to his/her superior/s and to operational staff, s/he suggests operational reporting tools in addition to Group tools;
- Participate to the preparation of Dashboards on Risk exposures and updating Senior Management on the information security risks;
- Define, implement and monitor the information security framework for SG EBS;
- Assist SG EBS managers in defining and maintaining SG EBS information Security; as such, ensure that processes, procedures and controls are well formalized, up-to-date, and properly executed;
- Deliver an Information Security program in accordance with the global information security strategy and the Risk Culture program;
- Coordinate the investigation, resolution and reporting on security incidents;
- Develop and implement a local / global information security awareness program;
- Follow up the implementation of the action plans.
A little about You
- Masters or bachelors degree in Engineering or Computers;
- 3-5 years of experience in IT or BPO industry, out of which at least 3 years of experience in managing the IT risks;
- Good understanding of the internal and external Information security standards;
- Ideally should have working knowledge on some of the risk management and security tools like: Arch sight, SIEM tools, Penetration testing vulnerability assessments VA/PT tools, Nmap, Nessus, GFI Languard, Trend Micro, Qualys, Agiliance GRC, Symantec DLP;
- Ideally would possess some of the certifications like: ISO 27001, BS25999, ISO 9001, CISSP, CISM, CCNP, CCDP, CCNA, CCDA, ITIL.
We also value
- Good communication skills;
- Strong analytical skills;
- Result oriented, high flexibility and work autonomy.
Besides a career what else we offer
- Competitive remuneration based on qualifications and seniority
- Yearly bonus per company policy
- Discounts for retailers
- Medical services and life insurance
- Private pension contribution
- A modern working environment: open, informal, fun atmosphere
- Continuous training and development programs
- Work from Home
Only selected candidates will be contacted for an interview, the rest of the applications are stored in the database of the company for future opportunities. All applications are considered strictly confidential.