DESCRIPTION :
As part of the creation of a new position, we are looking for a Security Evolution Team Manager who will be in charge of security evolutions activities in support of ESSP activities and services provided to ESSP clients. For these activities, we are looking for someone with at least 5 years' experience in operational IT security or SOC operation or Cyber Crisis operations and critical and/or complex technical systems in the space, aviation or industry sectors. A team management experience and a very good level of English (minimum B2) are also needed.
Your main responsibilities/activities will be:
As a Team Manager:
* Lead and organize the Security Evolutions Team, ensuring the delivery of high-quality security architecture, governance, compliance, and risk analysis solutions.
* Oversee the development and implementation of security architectures and frameworks, integrating risk analysis as a core component of decision-making.
* Identify and planify training needs to maintain the team's expertise in security risk assessment methodologies, governance, and compliance.
* Ensure team deliverables quality (e.g., risk assessments, architectures, compliance reports) align with regulatory requirements and organizational objectives.
* Collaborate closely with SOC, IT, operational and business units to embed risk-aware security practices into projects and operations.
As a Security Specialist:
* Design and optimize security architectures with a focus on risk mitigation, ensuring alignment with business goals and compliance requirements.
* Lead security risk analysis (e.g., qualitative/quantitative risk assessments, threat modeling) to identify, prioritize, and mitigate risks.
* Develop and maintain expertise in security governance, including the development of risk-informed policies, standards, and controls.
* Support compliance initiatives by conducting risk-based assessments and ensuring adherence adherence to internal policies and external regulations (for instance : PSSI, ISO 27001, NIST, GDPR)
* Perform security control assessments and gap analyses, integrating risk findings into remediation plans.
* Support third-party risk evaluations, including vendor risk assessments and contract reviews.
* Advise and train on risk treatment strategies (e.g., acceptance, mitigation, transfer) and communicate recommendations to stakeholders.
As a Member of the Security Team:
* Actively contribute to enterprise risk management by identifying and escalating security risks in projects and operations.
* Proactively participate in change management, assessing security risks associated with new technologies, systems, or processes.
* Effectively support incident response by providing risk context and architectural insights during investigations.
Code d'emploi : Chef d'Entreprise de Sécurité (h/f)
Domaine professionnel actuel : Chefs des Ventes
Temps partiel / Temps plein : Plein temps
Type de contrat : Contrat à durée indéterminée (CDI)
Compétences : Amazon Web Services, Microsoft Azure, Sécurité Cloud Computing, Sécurité Informatique, Google Cloud, Anglais, Adaptabilité, Capacité d'Analyse, Prise de Décision, Sens de la Communication, Pensée Critique, Leadership, Résolution de Problèmes, Sens de l'Organisation, Esprit d'Équipe, Motivation Personnelle, Recherche, Aviation, Conduite du Changement, Conformité Réglementaire, Activités de Conseil, Contrôles de Sécurité, Traitement des Incidents, Gouvernance, ISO/IEC 27001, Exigences Réglementaires, Analyse de Risques, Analyse de Sécurité, Gestion de la Sécurité, Politiques de Sécurité, Gestion des Parties Prenantes, Gestion du Temps, Modélisation des Menaces, Réduction des Risques, Gouvernance et Gestion de l'Information, Réalisation d'Évaluations, Institut National des Normes et de la Technologie (NIST), KSEKOAOQ11HUY4LCLXGR, Management d'Équipe, Politiques Organisationnelles, RGPD, Applications des Règles et Consignes de Sécurité, Relecture de Contrat, Gestion des Risques
Type d'annonceur : Employeur direct
