Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.
Vakante Jobangebote finden Sie unter Projekte.
Security Policies and Standards Specialist (ISO 2700x) with Technical
Eingestellt von Base 3
Gesuchte Skills: Network
Projektbeschreibung
Security Policies and Standards Specialist (ISO 2700x) with Technical Background
ROLE:
As an Policy and normative framework Coordinator you will carry the following responsibilities:
Maintain Information Security Policy:
- Keep the Information Security Policy set in line with the authoritative sources (laws, regulations, contractual obligations and Group requirements)
- Capture and analyse the feedbacks from the field (1st line implementers, Risk Assessors) in order to improve the Global Security Policy set
- Ensure that the policy requirements are clear and non-ambiguous
- Ensure and consolidate the efficiency and effectiveness of the Global Security Policy set
- Get the policies validated by the Global Security Community and then approved by the Top Management
Manage Global Security Normative framework:
Establish, maintain and supervise the implementation of the necessary processes for:
- maintaining and approving the Global Security Policy set
- managing the Global Security Standards
- ensuring the End-to-End compliance and traceability in the Global Security Normative framework (from the Authoritative Sources to the operational implementation)
- managing the non-compliances
Ensure appropriate Statement Of Applicability
Based on a good knowledge of the bank processes, entities, assets, and a personal network within the bank:
- Identify affected assets and processes;
- Attribute implementation responsibility;
- Get implementers' acceptance on the attributed implementation responsibilities;
Perform Legal & Regulatory Watch
- Ensure that all GS related authoritative sources are captured
- Perform gap analysis to ensure that missing elements are integrated when
- Certifications in ISO27k Information Systems Security Professional CISSP, CISA;
- 2-5 years' experience in developing and maintaining policies and/or processes (preferably in IT area).
- Experienced with regulatory requirements, ISO/IEC standards (eg: 27001 Information Security Management Standard)
- Tools: advanced knowledge and use of Office suite, relevant, Group tools, SharePoint,
- Coordination of/collaboration with externals resources
- Working experience with colleagues of BNPP Group ( Paris )
- Project Management/coordination skills (Ability to run projects averaging 100-150 days mostly intra-team).
- 2-5 YEARS' EXPERIENCE IN IT, INFORMATION SECURITY ENVIRONMENTS
- CAPABILITY TO QUICKLY UNDERSTAND END-TO-END PROCESS FLOWS AND CONTROL NEEDS.
- EXPERIENCE IN CREATING MEMOS TO THE ATTENTION OF SENIOR MANAGEMENT LEVEL.
- Preference will be given to candidate that have a good knowledge/practical experience of different bank entities/processes if possible
SOFT SKILLS:
- Strong and proven Communication, Listening and Convincing skills with a customer oriented mind-set.
- Ability to work in a dynamic and multi-cultural environment with a strong team spirit;
- Quick self-starter, pro-active attitude
- Accuracy and clarity in writing skills
- Flexible and open to change and innovation
- Good analytical and synthesis skills
- Autonomy, commitment and perseverance
- Ability to manage time and priorities efficiently and to work under stress;
- Results oriented;
ROLE:
As an Policy and normative framework Coordinator you will carry the following responsibilities:
Maintain Information Security Policy:
- Keep the Information Security Policy set in line with the authoritative sources (laws, regulations, contractual obligations and Group requirements)
- Capture and analyse the feedbacks from the field (1st line implementers, Risk Assessors) in order to improve the Global Security Policy set
- Ensure that the policy requirements are clear and non-ambiguous
- Ensure and consolidate the efficiency and effectiveness of the Global Security Policy set
- Get the policies validated by the Global Security Community and then approved by the Top Management
Manage Global Security Normative framework:
Establish, maintain and supervise the implementation of the necessary processes for:
- maintaining and approving the Global Security Policy set
- managing the Global Security Standards
- ensuring the End-to-End compliance and traceability in the Global Security Normative framework (from the Authoritative Sources to the operational implementation)
- managing the non-compliances
Ensure appropriate Statement Of Applicability
Based on a good knowledge of the bank processes, entities, assets, and a personal network within the bank:
- Identify affected assets and processes;
- Attribute implementation responsibility;
- Get implementers' acceptance on the attributed implementation responsibilities;
Perform Legal & Regulatory Watch
- Ensure that all GS related authoritative sources are captured
- Perform gap analysis to ensure that missing elements are integrated when
- Certifications in ISO27k Information Systems Security Professional CISSP, CISA;
- 2-5 years' experience in developing and maintaining policies and/or processes (preferably in IT area).
- Experienced with regulatory requirements, ISO/IEC standards (eg: 27001 Information Security Management Standard)
- Tools: advanced knowledge and use of Office suite, relevant, Group tools, SharePoint,
- Coordination of/collaboration with externals resources
- Working experience with colleagues of BNPP Group ( Paris )
- Project Management/coordination skills (Ability to run projects averaging 100-150 days mostly intra-team).
- 2-5 YEARS' EXPERIENCE IN IT, INFORMATION SECURITY ENVIRONMENTS
- CAPABILITY TO QUICKLY UNDERSTAND END-TO-END PROCESS FLOWS AND CONTROL NEEDS.
- EXPERIENCE IN CREATING MEMOS TO THE ATTENTION OF SENIOR MANAGEMENT LEVEL.
- Preference will be given to candidate that have a good knowledge/practical experience of different bank entities/processes if possible
SOFT SKILLS:
- Strong and proven Communication, Listening and Convincing skills with a customer oriented mind-set.
- Ability to work in a dynamic and multi-cultural environment with a strong team spirit;
- Quick self-starter, pro-active attitude
- Accuracy and clarity in writing skills
- Flexible and open to change and innovation
- Good analytical and synthesis skills
- Autonomy, commitment and perseverance
- Ability to manage time and priorities efficiently and to work under stress;
- Results oriented;
Projektdetails
Geforderte Qualifikationen
-
Kategorie:
IT Entwicklung