Offre d'emploi Consultant GRC (h/f)

emagine is looking for a “GRC Consultant” with a good level of English for one of its customers:

Start date: ASAP

Duration: Permanent

Location: La Défense - 3 days remote/Week
 

Deliverables:

Update the Information Security Management System (ISMS) in place in accordance with the ISO 2700

standard (policies, procedures, etc.)


Update the ISMS improvement plan and participate at deploying it to achieve the ISO 27001 target set

by Group Security


Make sure to systematically keep both entities Security Strategy aligned with the group

and oversee its full implementation & effectiveness


Identify the security roadmap and monitor its execution


Assess risks, threats, consequences, as well as draft and propose the Risk Treatment Plans


Take the lead on security projects and ensure that are deployed correctly and in accordance with

security expectations


Ensure the entity contributes to reinforce the Group Global Security capabilities


Ensure the required periodic testing of project, infrastructure, application, and 3rd party risks


Regularly update the CSO to contribute your expertise & insight to strengthen both strategy and

governance


Take the lead on initiating measures to ensure employees’ sustainable information security practices


Drive cultural and organizational change throughout his scope and implement a sustainable security

awareness practice


Effectively monitor, control and support service delivery, ensuring methodologies and procedures are

followed


Collaborate with the team and Operations representatives in the design of appropriate metrics for

reporting on key performance and risks indicators


Report on security Key performance and risks indicators (indicators collection, analysis of results,

identification of root cause of unsatisfactory indicators, identification of action plans, …)


Provide expertise and insights on overall operational effectiveness of security activities (Information

security, Operational resilience, Physical Security)


Proactively investigate new threats to the business and propose solutions to address them.


Improve security processes and try to converge and simplify when relevant


Perform security watch


Coordinate audits, establish action plans and ensure they are deployed in according to closure criteria


 

Skills :

Information risk approach and risks analysis experience.


Experience in advisory role on IT security in the BAU


Information Security and /or Information Technology industry certification (CISSP-ISSAP, CISM, ISO 27001 Lead Auditor, GIAC or equivalent)


Organized with a proven ability to prioritize workload, meet deadlines, and use time effectively


Able to explain security challenges and recommendations to non-IT stakeholders


Ability to function effectively in a matrix structure


Proven facilitation, negotiation, and conflict resolution skills


Appling analytical rigor to understanding complex business scenarios


Fluent in English


 

If you are interested in this assignment, please send your application (CV + TJ) to the following address:
Marc Bassil
-email masqué-
XX XX XX XX XX