Define, implement and monitor SG EBS information security policies and framework according to Group and RESG standards taking into consideration the best standards of the Group.
Your Role in a Nutshell
• Participates in the identification of the information security risks through the analysis of the information received from operational or functional persepective;
• Play a vital role to help business lines identify, measure, control & mitigate risk exposures on a continuous basis;
• Define methods and structures: for informationa security risk management;
• Manages the structural exercises (collection of losses, scenario analysis, Risk and Control Self Assessment, KRIs), s/he issues proposals as regards to organization, governance and resources, s/he proposes improvements of procedures and evolutions of computing tools;
• Control & reporting: Collects and retransmits the risks data to his/her superior/s and to operational staff, s/he suggests operational reporting tools in addition to Group tools;
• Participate to the preparation of Dashboards on Risk exposures and updating Senior Management on the information security risks;
• Define, implement and monitor the information security framework for SG EBS;
• Assist SG EBS managers in defining and maintaining SG EBS information Security; as such, ensure that processes, procedures and controls are well formalized, up-to-date, and properly executed;
• Deliver an Information Security program in accordance with the global information security strategy and the Risk Culture program;
• Coordinate the investigation, resolution and reporting on security incidents;
• Develop and implement a local / global information security awareness program;
• Follow up the implementation of the action plans.
A little about You
• Masters or bachelors degree in Engineering or Computers;
• 3-5 years of experience in IT or BPO industry, out of which at least 3 years of experience in managing the IT risks;
• Good understanding of the internal and external Information security standards;
• Ideally should have working knowledge on some of the risk management and security tools like: Arch sight, SIEM tools, Penetration testing vulnerability assessments VA/PT tools, Nmap, Nessus, GFI Languard, Trend Micro, Qualys, Agiliance GRC, Symantec DLP;
• Ideally would possess some of the certifications like: ISO 27001, BS25999, ISO 9001, CISSP, CISM, CCNP, CCDP, CCNA, CCDA, ITIL.
We also value
• Good communication skills;
• Strong analytical skills;
• Result oriented, high flexibility and work autonomy.
Besides a career what else we offer
• Competitive remuneration based on qualifications and seniority
• Yearly bonus per company policy
• Discounts for retailers
• Medical services and life insurance
• Private pension contribution
• A modern working environment: open, informal, fun atmosphere
• Continuous training and development programs
• Work from Home