Security Analyst BISO Contrat : CDI

Sitel Group devient officiellement Foundever™.

Foundever™ est un leader mondial de l'expérience client (CX). Avec 170 000 collaborateurs dans le monde, nous sommes l’équipe derrière les meilleures expériences des 750 plus grandes marques internationales et digitales.

Nos solutions CX innovantes, notre technologie et notre expertise sont conçues pour répondre aux besoins opérationnels de nos clients et leur offrir une expérience sans couture, partout et à tout moment. Prenant en charge 9 millions d’expériences chaque jour dans plus de 60 langues et 45 pays, Foundever combine la force d’une présence mondiale à une approche entrepreneuriale, permettant aux entreprises de toutes tailles et de tous secteurs de transformer leur CX.

Business Information Security Officers (BISOs) serve in a client-centric role supporting the Sitel Group and exist to promote client satisfaction as part of the Global Security organization under the Business Information Security Office (BISO).

Working with global enterprise clients, BISOs collaborate with the IT solutions team, business development and deal desk to ensure comprehensive security design in a pre-sales environment.

The BISO is a critical resource to the legal team serving as the security subject matter expert on contractual language.

The BISO partners with Cyber Security Engineering, Cyber Security Operations, and Project Management Office (including Enterprise Change Management (ECM)) to oversee security matters during client implementations and changes.

The BISO serves as an internal resource to the Operations team to support client security audits, client change requests, and other security related topics pertaining to Sitel’s clients.

The regional role will oversee the security of sensitive information and projects, client or corporate related, and will advise in the security of the company’s infrastructure to meet client requirements.

The position is open in the EMEA region close to one of our local offices to be able to work on site frequently.

Primary responsibilities

• The Analyst role will work under the direction of the Regional BISO or the BISO Manager to oversee the security of sensitive information and projects, client or corporate related, and will advise in the security of the company’s infrastructure to meet client requirements
• Assist in conducting IT security risk assessments, reviews, investigations and risk management services throughout the company
• Under supervision of the Manager or Director, Regional BISO, provide security risk evaluation, audits, mitigation and solutions to projects and initiatives advocating security measures in line with contractual obligations and internal security policies
• Assist in the development and implementation of strategies to balance security recommendation with business needs
• Respond to inquiries and requests on security related questions from solutions providers, developers, engineers, and leadership team
• Work with IT to ensure assets are adequately secured to clients’ requirements
• Conduct and support physical security planning, reviews, audits and operations
• Provide Tier 2 support to our internal security, operations and other staff in the identification, investigation and mitigation of fraudulent and other prohibited activities, geolocation violations, DLP alerts
• Provide support to operations and account teams to remediate missed SLAs for security awareness, termination of accounts
• Provide security input to Enterprise Change Management team to facilitate client requested changes
• Provide support to the regional team to gather audit evidence and provide follow-up responses to client security audit activities or internal security audit activities
• Respond to and work security tickets as assigned to the regional BISO team
• Perform case management and execution of support for security investigations under the direction of the Regional BISO or the BISO Manager
• Participation and engagement in Sitel Regional Security initiatives, including but not limited to Site Security Questionnaire (SSQ) support, reviewing geolocation violations and data loss prevention (DLP) violations, ensuring that recommendations are made to meet the needs of Sitel clients and the business

Knowledge, Abilities, Skills and Competences

The BISO must respond and collaborate with internal partners and clients in a timely manner across international time zones. In addition to English, there is strong preference for a candidate that can bring language capabilities of the region he or she would support. Candidates must have backgrounds in network and/or server planning and design, implementation, and operations, with additional focus on one of more areas of security design. The BISO will apply business and technology skills with structured methodologies to deliver solutions to the customer, conduct solution demonstrations and technical presentations.

Knowledge/Abilities

• Knowledge and experience in Information Security best practices (technical knowledge and demonstrated technical expertise)
• Working knowledge of Common Security Frameworks (ISO 27000 series, SSAE 18, NIST SP 800 series, etc)
• Working knowledge of Privacy Frameworks (GDPR, HIPAA, PIPEDA, etc)
• Working knowledge of Payment Card Industry (PCI) framework and controls
• Other industry and country security requirements as required to support clients in the region supported
• Ability to appropriately handle critical information and sensitive information
• Effectively use Microsoft Office products, including Visio, in communication delivery
• Effective organization and communications skills
• Independent Decision Making Skills
• Self-motivated, directed and well-organized capable of working in a complex security environment with multiple local and international security requirements
• Ability to contribute security and apply security principles into the design of client IT solutions
• Review and contribute security expertise to client requested changes in the Enterprise Change Management process
• Input into enterprise security design based on client changes or requirements
• Input into other areas of security as client requirements evolve