Entreprise
HCLTech is a global technology company, home to more than 223 000 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Consolidated revenues as of 12 months ending March 2025 totaled $13.8B. To learn how we can supercharge progress for you, visit hcltech.com.
We have been recognized as a Global Top Employer by the Top Employers Institute for the second time in a row for outstanding HR policies and best practices worldwide. We have also been certified as a Top Employer in 26 countries across three regions, Asia Pacific, Europe & Africa and North America.
These accolades re-affirm our commitment to our people by helping them maximize their potential and building an inclusive and progressive workplace that help our employees find their spark. To learn how we can supercharge progress for you, visit hcltech.com/careers.
HCLTech 's Global Delivery center in Morocco was launched in 2022, currently developing our tech presence in Sala Al Jadida (Technopolis Rabat Shore).
HCLTech received "Feel Good" 2024 label at the 2024 Employer Brand ceremony for having a transparent communication around their corporate culture.
Adresse
Technopolis Rabat
Poste
Context of the mission:
The Product Security Officer ensures the client Products in the perimeter security by supervising and monitoring their security throughout their lifecycle. The consultant acts as a role model for the client employees in spreading at a product level the client security commitments and make them adopted while overseeing the security of client product and ensuring that regular status reporting on progress on their security is formalized. As a Security Officer, the consultant will represent client Security and Product Security in front of client Entities. Through facilitating communication and product adoption, acting as a key point of contact for Entities. The main mission will involve raising security topics and ensuring effective communication between different stakeholders. The consultant main role will involve direct engagement with top management, including CIO, CTO, Head of Products, CSOs/CISOs, CRO, and other senior executives, to embed robust security practices within Product lifecycle and governance and ensure alignment across diverse product families and business units while ensuring that the GO Security capabilities are delivered to Products and Projects in the perimeter in line with overall Product Strategy and will support the coordination and prioritization of the different capabilities existing in GO Security. All in all, the main mission would be ensuring the security of client products throughout their entire lifecycle.
Services Description:
Group Security division is defining the security standards to be applied by client entities, overseeing the overall security posture across the Group, and providing centralized services to support entities (Crisis Management, Security Operations Centre, etc.). Throughout client Group, the security community represents composed of 1000 security professionals, working daily to protect our customers, operations, brand and people. To achieve this, we have gathered our three security disciplines: Information Security, Physical Security and Operational Resilience.
Main missions:
• Monitor the Security Threat Landscape.
• Define and oversee Security Standards and Strategy implementation across the Group.
• Drive local security objectives with C-Level executive (COO, CIO, CTO, CFO…)
• Ensure the security of Group Operations as an entity.
• Provide centralized security services and products to client entities.
Client Group Security is divided in 4 main blocks:
• Corporate functions (Group Mandate): Security Advisory and Standards, Security Governance, Security Risk & Assurance, Security Strategy and Awareness
• CyberDefense (Group security services and products provider)
• Group Operations Security (Security of the hosting entity)
• Corporate Chief Security Officers (Oversight of entities’ security): Corporate Centre, European Markets, International Markets.
The responsibilities include:
• Oversee security posture of client Products throughout their lifecycle.
• Ensure client Products respect of Group Security Instruction and client Security Policies.
• Ensure globalization and standardization of Security Governance across client catalogue of products.
• Ensure proper escalation of identified Security risks above appetite and proper client Security representation in risks related committees.
• Maintain the necessary reporting to properly communicate and escalate Security posture of client Products • Support and drive the remediation of audit issues assigned to the client products under the Security Officer’s responsibility
• Support the implementation of Security Assurance Framework in client Products
• Ensure proper coordination and orchestration of Security Activities being performed by client Security Teams (Security Officers, Risk Assessors, Security Analyst and Assurance team) to make sure they are properly aligned with overall client Product strategy and specific necessities.
• Manage Security exceptions for Products in the assigned perimeter
• Act as a key advisor to client senior management on Security matters (e.g. information risk management, cybersecurity, security control, monitoring, information privacy, operations, identity access management, security architecture, forensics) among multiple entities
Profile recherché
Expertise required / Certification(s)
Expertise:
• A university degree in security and related fields (risks management, audit, international relations, information security, IT…).
• A post-graduate degree in security or general management (such as an MBA) is an advantage.
• Previous expertise as CISO/CSO, Information Security Officer, Physical Security Officer, Operational Resilience Officer, Business Continuity Officer or extensive experience reporting to a CSO, CISO, CORO, PSO or other 2nd line executive in an international organization
• Expertise > 10 years • Expertise with product-oriented organizations.
Technical expertise:
• Expertise in Information Security Governance and Strategy concepts.
• Expertise in Information Security related with Public Cloud and/or On Prem technologies,
• In-depth expertise of products Primary Assurance and implementation level controls.
• Certification in security risk management (e.g., CISSP, CISM, CRISC, PMI-RMP) would be an asset. • Expertise in Security Program and Project Management, including audit preparation and remediation.
• Expertise in Artificial Intelligence specific Security controls would be an asset.
• Familiarity with Agile Methodologies.
• Work environment: Fluency in English is a necessity (including Information Security English)
