Cybersecurity Officer H/F Pernod Ricard

Position purpose :

The Cybersecurity Officer is responsible for :
- Participating to the definition and implementation of the IT security strategy and policies under the coordination of Cybersecurity leader
- Ensuring Cybersecurity compliance of IT Operations across all regions with the business requirements
- Controlling and reporting permanently the IT operations activities compliance based on the related security requirements
- Connecting with local regulations and overseeing the data protection within the organization
- Cybersecurity communication, leading investigations and audits, awareness training for all PR employees
- Analyzing permanently risks and reporting to the Head of Cybersecurity
- Providing cybers security technical support Level 2/Level 3

The main responsibilities are :

IT Operations security policies, standards and procedures
- Contributing to the global security strategy and policies definition and implementation
- Overseeing and controlling the information security policy and data protection policy implementation
- Contributing to the definition and implementation of Business Continuity Plan and Disaster Recovery Plan by collaborating with other stakeholders within IT Operations and Business
- Ensuring the alignment between the defined procedures and security management tools and the security & objectives
- Contributing to the communication of security policies, standards and procedures of IT Operations to internal and external stakeholders

Security compliance control and reporting
- Analyzing SOC reporting for compliance monitoring and bringing recommendations or alarming top management about IT security flaws
- Rolling out IT Operations security risk evaluation and impacts analysis
- Raising alarms to Cybersecurity leader, management team and related business/subsidiaries whereas a severe incident impacting the IT security is detected
- Reporting to the Cybersecurity leader and the Group Security Steering Committee the status of the security maturity with action plan or remediation plan
- Contributing the internal and external audits

Coordination and IT security monitoring
- Coordinating and following up remediation plans implementation with key indicators
- Participating to the internal and external events related to the information security

Connection with local Cybersecurity policies, requirements and regulations
- Understanding the local cybersecurity policies, requirements and regulations about security, data protection and data privacy regulations
- Ensuring the cybersecurity compliance of IT Operations with the local requirement

Communication, training & awareness
- Responsible for the IT Operations security communication content preparation, validation and distribution to all stakeholders (internal and external)
- Ensuring the definition and roll out of communication and awareness training plan/program towards all PR employees and their consistency

Technology watching
- Following up security evolutions, major trends and best practices on technology, solutions and regulations
- Working closely with security vendors on new types of cyber-crime or computer viruses to help the IT Operations keep the security systems up to date

Cyber security technical support
- Contributing to critical incidents, crisis management and mitigation plans
- Providing technical support Level 2/Level 3

The profile required is :
- Education required : Bac +5 (engineering or business school / university specialized of information security and/or telecom, information system and network security, security, information encryption and coding...)
- Experience / Background :
- 5 + years of experience in a related area
- Must have experience dealing with various levels within company
- Proven track record of institutionalizing leading-practice methodologies and processes
- Specific Expertise : Auditor/Lead Auditor ISO 27001 Implementer/Lead ISO 27001
- Language required : Fluent in English

Date de fin de publication :

Date prévisible d'embauche :
2021-09-01-07 :00

Date de fin d'emploi envisagée :