ON-X, an independent French consulting and expertise firm, specializes in the integration of digital in businesses, administrations and communities.
Benefiting from 30 years of experience and three agencies (Paris, Toulouse, Montbéliard) to meet these new challenges, our firm is organized around 5 areas of expertise that accompany our clients successively to define the transition strategy, to pass the major stages of decision support, to architecture then to lead their implementation projects and finally to steer the services delivered.
Our mission: to serve our clients over time, to be a decisive player in the definition and implementation of digital transformation projects.
Mission :
Within the Digital Security division, you will contribute in a consulting position to:
Understand the business stakes of our clients.
Analyse the risks associated with architectures or organizations using professional methodologies, standards and standards (EBIOS, ISO 27005).
Ensure compliance with regulations (CNIL, RGS, LPM, II 901, IGI 1300).
Carry out consulting assignments for the needs of our clients (according to skills and affinities):
Perform an ISS master plan.
Write a Safety Policy (PSSI).
Provide a delegated ISST role.
Assist the RSSI in their day-to-day duties.
Accompany the creation, the evolution of an SMSI (ISO 27001) until its certification.
Implement good security practices (ISO 27002).
Support the integration of security into projects.
Accompany the approval of a system.
Create dashboards.
Construct and test a continuity plan (PCA) and business resumption plan (PRA) as defined in ISO 22301.
Support the creation of SOC.
Contribute to the development of the business with our clients.
Contribute to the coaching of consultants in the context of assignments on behalf of our clients.
Contribute to external communication.
Profil :
BAC+5 training or equivalent.
Several years of experience in the application of risk analysis methodologies and/or AMOA in the field of Information System Security.
Knowledge of IT and its issues in organizations.
General technical and scientific culture for understanding methods and techniques for analysing problems related to information security and the information system.
Good verbal and written communication skills.
Autonomy and sense of relationship and listening.
Ability to work and communicate in English.