GISACC - Cybersecurity Risk Analyst

Valeo is a tech global company, designing breakthrough solutions to reinvent the mobility. We are an automotive supplier partner to automakers and new mobility actors worldwide. Our vision? Invent a greener and more secured mobility, thanks to solutions focusing on intuitive driving and reducing CO2 emissions. We are leader on our businesses, and recognized as one of the largest global innovative companies.

Mission

Part of the Group Cybersecurity team, contribute to protect Valeo by performing the following activities:

• Cybersecurity risk analysis (70%)

• Project Cybersecurity advice/control (20%)

• Audits, Governance and Compliance activities (5%)

• Cybersecurity watch (5%)

Responsibilities

• Cybersecurity risk analysis

  • By using the methodologies and tools specific to the scope of the analysis, identify potential weaknesses and related risks for Valeo. It can cover, but is not limited to:

    • Third parties

    • IS/IT projects

    • Valeo sites

    • Personal data

  • Diagnose dysfunctions

  • Provide/implement remediation

  • Generate reports for both technical and non-technical staff and stakeholders (if any)

• Project Cybersecurity advice/control 

  • Control and advize during the RFI/RFQ phase

  • Advize/control  the Cybersecurity measures to be included in the contract

  • Advize the architecture, check the results of the Cybersecurity tests, follow-up the Cybersecurity action plans, advize for the Go-live decision

  • Advize/validate the major changes during the Run phase

• Audits, Governance and Compliance activities

  • Perform the organizational and/or technical audits. It can cover, but is not limited to:

    • Compliance audit (Valeo ISSP (Information Systems Security Policy), Cybersecurity standards/best practices…)

  • It can be performed:

    • On-site 

    • Remotely

  • Generate the audit reports for both technical and non-technical staff and stakeholders (if any)

​​​​​​​Contribution

• Audits, Governance and Compliance activities

  • Contribute to Cybersecurity awareness and/or training modules

  • Contribute to third parties audits

• Cybersecurity watch

  • Threats

  • Cybersecurity solutions

Perimeter

• Valeo (Travels abroad are expected according to the needs).

Qualifications

Education/Training

What education and education level are necessary for the position? 

Required: Bachelor’s degree or Master’s degree in Computer Science and/or Cybersecurity

Optional: ISO 270xx Certification(s). ISO 27005 certification is appreciated

Professional Experience

How many years of professional experience in a specific professional area are required for the position? 

• Experience in Cybersecurity

• Experience of at least 5 years in Cybersecurity with a strong focus on risk management

• You have already conducted several Cybersecurity audits and are able of having a relevant risk analysis at the governance, architecture and technical level

• Knowledge of the vulnerabilities and Cybersecurity threats

• Knowledge of the Information System (network, system, Active Directory, database, middleware…)

• Knowledge in software development is a plus

Languages

• Required: Fluency in English 

• Optional: French or other language

Job:

Cybersecurity Analyst

Organization:

Schedule:

Full time

Employee Status:

Regular

Job Type:

Job Posting Date:

2023-02-08

Join Us !
Being part of our team, you will join:
- one of the largest global innovative companies, with more than 20,000 engineers working in Research & Development
- a multi-cultural environment that values diversity and international collaboration
- more than 100,000 colleagues in 31 countries... which make a lot of opportunity for career growth
- a business highly committed to limiting the environmental impact if its activities and ranked by Corporate Knights as the number one company in the automotive sector in terms of sustainable development

More information on Valeo: https://www.valeo.com