RESPONSIBILITIES
- Identity Access Management (IAM):
- Define and control privileged accesses (Admin, remote access (VPN), ...),
- Define, implement, review and improve policies, procedures and other documents (CERT), particularly with respect to information security processes
- Ensure that the controls performed are in line with the Information System risk analysis:
- Access control at the application, database and network level
- Vulnerability reports analysis (network, software, access, ...).
- Provide analysis and appropriate advice on vulnerabilities discovered.
- Following ongoing vulnerabilities analysis, develop remediation and corrective action plans in connection with operational and governance functions,
- Manage daily information system security vulnerabilities (CIRCL, CERT, etc ...) and monitor security update patches deployment for vulnerabilities with a significant risk for the company,
- Write and revise information security policies, standards, procedures and guidelines
PROFILE
- Bac +3 / 4 level in computer science with at least 7/8 years of experience in the field of information systems security
- Being CISM and / or CISSP certified is an advantage
- "Pen Tests" frameworks knowledge, being able to analyse and understand the reports provided by companies that have made these "Pen Tests".
- Network technologies knowledge: Cisco, Checkpoint, certifications are assets.
- Safety standards knowledge: ISO 2700X, NIST, COBIT, ...
- Experience in implementing information security solutions, standards, processes and procedures.
- Experience in defining information security controls and countermeasures, methods of analysis and their effectiveness
- Proficient in English, knowledge of French and German is an asset.
- Good management, presentation and communication skills.
- Autonomous, organized, able to answer to tight deadlines and to work under pressure.