Job Description:
Within IT Group, Informatics Directorate, the Cybersecurity & Digital Fraud Department's mission aims to structure, strengthen, and harmonize IT risk management and cybersecurity for the overall Group (approximately 30 entities) and:
• Define the vision and strategy for IT risk management and cybersecurity, and ensure the implementation of this strategy within the Group's operating entities.
• Monitor the security of the Group's information systems.
• Steer the IT Continuity and Resilience strategy and methodological framework.
The evolving Cyber threats landscape increases the security risk of the financial sector, that leads the client to strengthen its Cybersecurity maturity, IT risk management and Operation Resilience.
You will join the IT Group - Cybersecurity & Digital Fraud division, working within the CyberProgram Team.
Your main missions will be to steer and support the CyberProgram for several entities in way to increase cyber security.
As a Project Manager, you will lead the rollout of cyber exigences across entities, in way to evaluate the cyber maturity and to lead deployment to insure to reach the level required in case of need. Your key responsibilities are :
• Appropriate the cyber matrix (instances of objectives to be addressed),
• Take in consideration the context for each entity,
• Identify clearly the correct evidences to provide,
• Organize and realize the evidence collection per bundle in line with the campaigns schedules and escalate when needed, and follow their validation,
• Work with technical and business teams (e.g., secure development, identity and access management, third party monitoring, ), able to vulgarize technical points,
• Collaborate closely with SRM team which is in charge of evaluation,
• Support the organization of steering committees, run regular "quick check" sessions, and keep numerous stakeholders aligned throughout the implementation of the project,
• Produce clear, synthetic status updates and gap analysis (dashboards, one page briefs) for various stakeholders and the management.
Main Tasks:
* Appropriate context note / scope of application
* Identification of N/A and potential missing dependencies
* Appropriate cyber matrix (instances of objectives to be addressed)
* Identify evidences to provide
* Share with SRM's team during workshops (dependency / evidence)
* Formalize the expectations by email
* Share with providers during workshops
* Evaluation the level of difficulty
* Identification stakeholders
* Propose TARGET
* Communicate expectations to stakeholders
* Contribute to and maintain the implementation roadmap (tasks, milestones, deadlines),
* Track progress of the stakeholders against their roadmap and flag deviations,
* Organize and run regular follow up meetings and ad hoc checkpoints,
* Challenge teams when needed and raise alerts or escalate promptly.
* Keep every stakeholder informed of the current status, upcoming actions and their responsibilities,
* Produce clear status reports (dashboards, briefs) for stakeholders and management,
* Maintain a living FAQ / Sharepoint that captures information about the project, common questions and lessons learned.
Technical Skills:
Project management:
• 3+ years managing Infrastructure-oriented / Cyber projects.
• Create roadmaps, track milestones, produce clear status reports and dashboards.
• Expert knowledge of Microsoft Office tools (Excel, PowerPoint, ).
• Familiarity with Agile methodology is nice-to-have.
• General IT / information systems knowledge (understanding of servers, CIA triad, networking basics, different type of cybersecurity tests, ).
• Grasps of cybersecurity concepts.
• Good knowledge of -Secure development, Identity and Access Management and third parties management would be appreciated.
• Familiarity with PowerBI is a nice-to-have. Agile (nice to have)
Language Skills:
• English - Mastery
• French - Notions/ Nice to have
Soft Skills:
• Explain technical or regulatory topics to non-expert audiences.
• Lead and facilitate meetings, workshops or steering committees.
• Willingness to learn cybersecurity topics
• Proactive, adaptable and collaborative.
• Strong organizational skills and critical thinking skills.
• Ability to understand, explain.
• Faculty to coordinate numerous and heterogeneous stakeholders.