Full-Time Information Systems Security Manager

We are looking for an Information Systems Security Manager (m/f), full-time, near Lyon (Dardilly).

Job Summary: Reporting to the Group CISO, the CISO (pole) will be responsible for identifying and assessing risks, identifying technical and organizational measures to mitigate them, and monitoring the proper implementation of these measures within the poles under his/her responsibility.

This mission will be performed according to the objectives, directives, methodology, and security standards of Septeo Group set by the Group CISO, to whom he/she will directly report on the progress and monitoring of security actions and measures.

Daily Tasks:

• Reporting on risk treatment and associated indicators to pole managers and BU managers.
• Providing security expertise to all technical teams of the poles.
• Declining security objectives set at the group level within the subsidiary.
• Advising pole management on risk management strategy.
• Identifying and assessing risks with business units and implementing measures to reduce those risks.
• Advising business and technical departments (R&D, technical management, etc.) on technical choices and security measure implementation.
• Performing technological and regulatory monitoring.
• Writing and reviewing security policies specific to BUs and subsidiaries.
• Advising and raising awareness among employees of different teams about information system security.
• Assisting in the operational implementation of the company's security policy by subsidiary teams.
• Analyzing, processing, and monitoring security incidents.
• Assisting with security audits by clients and promoting pole security to Clients.
• Monitoring the proper implementation of security measures.
• Collecting indicators and reporting on risks, risk treatment, and effectiveness of security measures.

Travel is required.

About You:

• 3-5 years of experience in a similar role (CISO, Deputy CISO, etc.) and project management.
• Strong writing and communication skills.
• Ability to quickly understand complex technical environments and synthesize information.
• Advanced knowledge of security systems (network filtering, authentication, system security, encryption, threat protection), and attack techniques.
• Knowledge of risk analysis methods (EBIOS RM).
• Experience with ISO 27001 is a plus.

What is the last date for applying to the job?

Which countries are accepted for this remote job?