Responsibilities
* The Group Cyber Security Program is a set of requirements that all the entities of the company must comply with to face Cyber criminality Risk in compliance with the Regulatory Constraints.
* This Meta Program drives all the entities of the Group to launch their own programs and projects to meet this compliance, cover the Cyber Risks and enhance the security posture of the Group.
* To monitor the exact level of maturity in compliance with the Group framework those entities need to be evaluated regarding their achievements.
* The Cyber Program team oversees this evaluation.
* 16 colleagues (8 Externals and 8 Internals) in France and 6 colleagues in Portugal work together and share their knowledge to evaluate in a coherent assessment all the entities of the Group and for all the topics of the Cyber Program (almost 30).
Main Outputs of the Job
* Be part of a major transformation Cyber Program, strategic and visible for the Bank
* Transversal Mission with many interactions with the entities of the Group and experts in all cyber security fields
* Develop knowledge in all cyber security and IT risk fields
* Prepare your next step as a CISO, Program Manager or experts
* Deploy the maturity evaluation process on the entities of your perimeter
* Help the entities understand the requirements and delivers the required evidence
* Evaluate the entities evidence submission in coherence with the assessments of the other entities
* Communicate and inform the entities of all changes impacting them
* Facilitate the relationship between the Group IT providers and the entities
* Document the results of the assessments answering the reporting requested by the Governance of the program
* Develop internal projects to enhance the Cyber Program evaluation process
Qualifications
* Technical Skills: Knowledge within following topics would be appreciated
* IT Continuity and Backups Management (including DORA requirements)
* Cryptography (key management, certificate management, CKMS…)
* Network security (micro segmentation, hardening network architectural…)
* Knowledge of a standard framework (NIST or equivalent)
* General knowledge of IT and IT security, key related processes, and regulatory framework
* Risk Knowledge & Awareness
* Language Skills: English
Seniority level
* Mid-Senior level
Employment type
* Full-time
Job function
* Information Technology
* Industries IT Services and IT Consulting
#J-18808-Ljbffr