IT company specialized on providing Business Intelligence and Data Warehouse services for banks. We are passionate about Business Intelligence. We are here to help our customers in expanding their view about their company.
The IT Security Senior Analyst for Business Projects is in charge to offer support and guidance on the security framework that must be applied by partners/providers (external parties) as being recommended in the group.
• perform security risk analysis following Group methodologies on business projects including providers and partners;
- ensure security is considered in business projects by performing risk analysis (identify security requirements, residual risks. etc);
- raise awareness among the partners/providers on the importance and necessity of respecting the company's security framework; synthesize information in a clear and easily readable format for partners/providers and make sure the security expectations are well understood;
- become aware of the business context and the necessities of each provider/partner; act with diplomacy to create solid business relations with those stakeholders;
- perform the security assessments of the ASSU’s applications based on the group methodology ASA (Application Security Assessment) getting inputs from business owners;
- request for security requirements such as penetration testing and integrate results in the risk analysis;
• offer security support o in handling requests of derogation from the Group’s security policies, regarding website access, application installation, information flow etc;.
• contribute to the GDPR program, application and data security part (Risk Analysis, update the security documents, business restitution, etc.);
• contribute to the audit / evaluation of suppliers (partners, delegates, etc.);
• participate in the realization of monthly and quarterly monitoring by updating security referentials; • propose ideas for improving or optimizing the internal procedures and methodologies to make them more efficient or adapted to our stakes;
• Graduate / Post Graduate;
• Advanced IT Security background;
• Presentation skills (sales), pedagogy, didactics (adapted speech in non-it language), diplomacy
• Advanced level in French (>=C1) and English (>=B2) is a must;
• Basic security networking background;
• Good command of Microsoft Office, with focus on Excel and Power Point;
• Understanding of operational risk assessment;
• General knowledge of external cyber threats like phishing, malware and virus attacks;
• Able to manage multiple projects at the same time with multiple external partners;
• Fast and independent learner, able to work both with and without fixed procedures;
• Previous experience in performing risk analysis in business projects;
We also value:
• Communication skills to liaise with various stakeholders and share knowledge within the team
• Adaptability skills to deal with different situations (different topics, different stakeholders, different IT applications);
• Pragmatism skills to quickly identify relevant information and focus on risks;
• Team spirit skills;
• Confidentiality skills.
• Certifications in the requested fields (. CISSP, CISM, ISLead Implementor, ISO, etc.)
• Security architecture knowledge; security background in Cloud, Agile, API, BigData, IAM;