GO Product Security Officer Contrat : CDI

Référencée au sein de nombreux grands comptes en tant que fournisseur de prestation IT, Excel Management Conseil est une société de services en informatique existante depuis plus de 10 ans.

Riche d’une expérience significative en France et en Europe, notre groupe E.X.M.C se positionne en tant qu’acteur majeur sur le marché des sociétés de services en ingénierie informatique.

Nous intervenons à la fois sur des périmètres Métiers, Techniques et Opérationnels. Notre groupe affiche un effectif de plus de 300 collaborateurs disponibles et mobiles.

Nous sommes structuré autour de Quatre Pôles :

• Le Consulting et Assistance à Maîtrise d'Ouvrage (MOA, AMOA) dédié Banques, Finance, Assurances.
• L’ingénierie applicative (La maîtrise d'œuvre de projets informatiques (MOE), Ingénierie de développement, TMA, TRA, …)
• La production et les infrastructures (Ingénierie, Assistance Technique infogérance, architecture systèmes et réseaux, sécurité, cyber sécurité , Digital…)
• L’Informatique Décisionnelle et BIG DATA (Architecture(Avant-vente/POC/ Pilotage Projet) , Développement, Expertise (Hadoop,NoSQL, …))

Main missions:

• Monitor the Security Threat Landscape.
• Define and oversee Security Standards and Strategy implementation across the Group.
• Drive local security objectives with C-Level executive (COO, CIO, CTO, CFO…) of Company entities.
• Ensure the security of Group Operations as an entity.
• Provide centralized security services and products to Company entities.

The Company Security is divided in 4 main blocks:

• Corporate functions (Group Mandate): Security Advisory and Standards, Security Governance, Security Risk & Assurance, Security Strategy and Awareness
• CyberDefense (Group security services and products provider)
• Group Operations Security (Security of the hosting entity)
• Corporate Chief Security Officers (Oversight of entities’ security): Corporate Centre, European Markets, International Markets

The responsibilities include:

• Oversee security posture of GO Products throughout their lifecycle.
• Ensure GO Products respect of Group Security Instruction and GO Security Policies .
• Ensure globalization and standardization of Security Governance across GO catalogue of products.
• Ensure proper escalation of identified Security risks above appetite and proper GO Security representation in risks related committees.
• Maintain the necessary reporting to properly communicate and escalate Security posture of GO Products
• Act as a key advisor to Company senior management on Security matters (e.g. information risk management, cybersecurity, security control, monitoring, information privacy, operations, identity access management, security architecture, forensics) among multiple entities
• Support and drive the remediation of audit issues assigned to the GO products under the Security Officer’s responsibility
• Support the implementation of Security Assurance Framework in GO Products
• Ensure proper coordination and orchestration of Security Activities being performed by GO Security Teams (Security Officers, Risk Assessors, Security Analyst and Assurance team) to make sure they are properly aligned with overall GO Product strategy and specific necessities.
• Manage Security exceptions for Products in the assigned perimeter
• Act as a key advisor to The Company Senior management on Security matters (e.g. information risk management, cybersecurity, security control, monitoring, information privacy, operations, identity access management, security architecture, forensics) among multiple entities

A university degree in security and related fields (risks management, audit, international relations, information security, IT…).
A post-graduate degree in security or general management (such as an MBA) is an advantage.
Previous expertise as CISO/CSO, Information Security Officer, Physical Security Officer, Operational Resilience Officer, Business Continuity Officer or extensive experience reporting to a CSO, CISO, CORO, PSO or other 2nd line executive in an international organization
Expertise > 10 years
Expertise with product-oriented organizations.

Technical expertise:

• Expertise in Information Security Governance and Strategy concepts.
• Expertise in Information Security related with Public Cloud and/or On Prem technologies,
• In-depth expertise of products Primary Assurance and implementation level controls.
• Certification in security risk management (e.g., CISSP, CISM, CRISC, PMI-RMP) would be an asset.
• Expertise in Security Program and Project Management, including audit preparation and remediation.
• Expertise in Artificial Intelligence specific Security controls would be an asset.
• Familiarity with Agile Methodologies.
• Work environment: Fluency in English is a necessity (including Information Security English)