IT Security Officer
Responsabilities:
- Take part in the day-to-day IT security operations (digital certificate issuing, Non Personal account support, incident reports, etc.).
- Respond to, and mitigate security incidents, including coordinating incident response efforts.
- Collaborate with IT teams to ensure the integration of security measures in system designs and implementations.
- Conduct continuous monitoring of IT systems for security threats and vulnerabilities.
- Follow-up and support security controls implementation the different IT Risk security domains: Foundations, Identity and Access Management, Change Management, Platform Security, Operational Resilience and Security Monitoring.
- Participate with the second line of defence in local and third parties risk assessments activities: assessing threats, mitigating controls, proposed controls, and their risk levels risk (Inherent, current and residual).
- Support the implementation of new IT regulations such as DORA, by performing gap analysis, action plan definition, implementation and/or follow-up.
- Take part in internal and external Audits.
- Support other IT Security officers in their various activities.
- Work with highly collaborative agile teams.
- Maintain good working relations with the other bank teams.
Profile:
- Master degree in IT Security or related domains.
- At least 5 years of experience in IT Security job (IT security officer, Information Risk Manager, IT Security governance consultant, etc.).
- Related certifications such as CISSP, CISM or similar experience.
- A good knowledge of English and a conversational knowledge of French are required.
- Ability to take initiatives and responsibilities.
- Ability to adapt and anticipate.
- Effective communication skills to convey security concepts to technical and non-technical stakeholders.
- Rigor, precision.
- Experience with standard IT Security components: Firewalls, proxies, DLP, Anti-virus, WAF, SIEM, etc.
- Experience with standard enterprise tools: Office suite, ServiceNow, CMDB tools, etc.
- Scripting knowledge to automate recurring tasks, such as Perl, Python, etc.
- Knowledge of standard developments practices and tooling such as GIT and Azure pipeline.