Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.
Vakante Jobangebote finden Sie unter Projekte.
Security Policies and Standards Specialist (ISO 27001) - French Mandat
Eingestellt von Base 3
Gesuchte Skills: Network
Projektbeschreibung
Global Security - Police and normative framework Coordinator
ROLE:
As an Policy and normative framework Coordinator you will carry the following responsibilities:
Maintain Information Security Policy:
- Keep the Information Security Policy set in line with the authoritative sources (laws, regulations, contractual obligations and Group requirements)
- Capture and analyse the feedbacks from the field (1st line implementers, Risk Assessors) in order to improve the Global Security Policy set
- Ensure that the policy requirements are clear and non-ambiguous
- Ensure and consolidate the efficiency and effectiveness of the Global Security Policy set
- Get the policies validated by the Global Security Community and then approved by the Top Management
Manage Global Security Normative framework:
Establish, maintain and supervise the implementation of the necessary processes for:
- maintaining and approving the Global Security Policy set
- managing the Global Security Standards
- ensuring the End-to-End compliance and traceability in the Global Security Normative framework (from the Authoritative Sources to the operational implementation)
- managing the non-compliances
Ensure appropriate Statement Of Applicability
Based on a good knowledge of the bank processes, entities, assets, and a personal network within the bank:
- Identify affected assets and processes;
- Attribute implementation responsibility;
- Get implementers' acceptance on the attributed implementation responsibilities;
Perform Legal & Regulatory Watch
- Ensure that all GS related authoritative sources are captured
- Perform gap analysis to ensure that missing elements are integrated when
- Certifications in ISO27k Information Systems Security Professional CISSP, CISA;
- 2-5 years' experience in developing and maintaining policies and/or processes (preferably in IT area).
- Experienced with regulatory requirements, ISO/IEC standards (eg: 27001 Information Security Management Standard)
- Tools: advanced knowledge and use of Office suite, relevant, Group tools, SharePoint,
- Coordination of/collaboration with externals resources
- Working experience with colleagues of BNPP Group ( Paris )
- Project Management/coordination skills (Ability to run projects averaging 100-150 days mostly intra-team).
- 2-5 YEARS' EXPERIENCE IN IT, INFORMATION SECURITY ENVIRONMENTS
- CAPABILITY TO QUICKLY UNDERSTAND END-TO-END PROCESS FLOWS AND CONTROL NEEDS.
- EXPERIENCE IN CREATING MEMOS TO THE ATTENTION OF SENIOR MANAGEMENT LEVEL.
- Preference will be given to candidate that have a good knowledge/practical experience of different bank entities/processes if possible
SOFT SKILLS:
- Strong and proven Communication, Listening and Convincing skills with a customer oriented mind-set.
- Ability to work in a dynamic and multi-cultural environment with a strong team spirit;
- Quick self-starter, pro-active attitude
- Accuracy and clarity in writing skills
- Flexible and open to change and innovation
- Good analytical and synthesis skills
- Autonomy, commitment and perseverance
- Ability to manage time and priorities efficiently and to work under stress;
- Results oriented;
ROLE:
As an Policy and normative framework Coordinator you will carry the following responsibilities:
Maintain Information Security Policy:
- Keep the Information Security Policy set in line with the authoritative sources (laws, regulations, contractual obligations and Group requirements)
- Capture and analyse the feedbacks from the field (1st line implementers, Risk Assessors) in order to improve the Global Security Policy set
- Ensure that the policy requirements are clear and non-ambiguous
- Ensure and consolidate the efficiency and effectiveness of the Global Security Policy set
- Get the policies validated by the Global Security Community and then approved by the Top Management
Manage Global Security Normative framework:
Establish, maintain and supervise the implementation of the necessary processes for:
- maintaining and approving the Global Security Policy set
- managing the Global Security Standards
- ensuring the End-to-End compliance and traceability in the Global Security Normative framework (from the Authoritative Sources to the operational implementation)
- managing the non-compliances
Ensure appropriate Statement Of Applicability
Based on a good knowledge of the bank processes, entities, assets, and a personal network within the bank:
- Identify affected assets and processes;
- Attribute implementation responsibility;
- Get implementers' acceptance on the attributed implementation responsibilities;
Perform Legal & Regulatory Watch
- Ensure that all GS related authoritative sources are captured
- Perform gap analysis to ensure that missing elements are integrated when
- Certifications in ISO27k Information Systems Security Professional CISSP, CISA;
- 2-5 years' experience in developing and maintaining policies and/or processes (preferably in IT area).
- Experienced with regulatory requirements, ISO/IEC standards (eg: 27001 Information Security Management Standard)
- Tools: advanced knowledge and use of Office suite, relevant, Group tools, SharePoint,
- Coordination of/collaboration with externals resources
- Working experience with colleagues of BNPP Group ( Paris )
- Project Management/coordination skills (Ability to run projects averaging 100-150 days mostly intra-team).
- 2-5 YEARS' EXPERIENCE IN IT, INFORMATION SECURITY ENVIRONMENTS
- CAPABILITY TO QUICKLY UNDERSTAND END-TO-END PROCESS FLOWS AND CONTROL NEEDS.
- EXPERIENCE IN CREATING MEMOS TO THE ATTENTION OF SENIOR MANAGEMENT LEVEL.
- Preference will be given to candidate that have a good knowledge/practical experience of different bank entities/processes if possible
SOFT SKILLS:
- Strong and proven Communication, Listening and Convincing skills with a customer oriented mind-set.
- Ability to work in a dynamic and multi-cultural environment with a strong team spirit;
- Quick self-starter, pro-active attitude
- Accuracy and clarity in writing skills
- Flexible and open to change and innovation
- Good analytical and synthesis skills
- Autonomy, commitment and perseverance
- Ability to manage time and priorities efficiently and to work under stress;
- Results oriented;
Projektdetails
Geforderte Qualifikationen
-
Kategorie:
IT Entwicklung