Senior IT Security Analyst - Risk/Control/Audit

Within the Compliance & Assurance function, the Senior IT Security Analyst establishes information security compliance and assurance programs that meet business requirements and undertakes risk management, control management, audit management, and control framework improvement related activities.

About the Role:
As an IT Security Manager, you will independently lead comprehensive cybersecurity efforts within the organization. Your specialized skills will ensure the highest standards of security are upheld. You’ll be pivotal in shaping our security posture, addressing advanced security challenges, and supporting team projects with your expertise.

Responsibilities:
• Lead the design and implementation of complex security architectures.
• Oversee advanced threat detection, monitoring, and mitigation efforts.
• Direct comprehensive security audits and risk assessments.
• Develop and enforce rigorous security policies and standards.
• Manage intricate incident response and recovery processes.
• Mentor less experienced security team members.
• Implement cutting-edge security technologies and best practices.
• Coordinate with cross-functional teams on security initiatives.
• Ensure compliance with industry standards and regulations.
• Prepare and present strategic security plans and reports to stakeholders.

Skills:
• Comprehensive Security Architecture: Expertise in designing sophisticated security architectures.
• Advanced Threat Management: Mastery in monitoring and mitigating advanced threats.
• Strategic Policy Enforcement: Skills in developing and enforcing high-level security policies.
• Leadership in Incident Recovery: Advanced incident response and recovery leadership.
• Compliance Knowledge: Proficiency in navigating industry standards and regulations.
• Team Mentorship: Ability to mentor and guide less experienced team members.
• Technology Implementation: Capability to implement and manage advanced security technologies.
• Strategic Planning and Reporting: Skills in strategic security planning and detailed reporting.

Work experience:

10 to 15 years of related work experience, in IT environment.

• IT risk, control, audit.

• Compliance frameworks, such as SOC 2, SOC 1, ISO 27001, HIPAA, FedRamp, NIST.

• Cloud environments: Microsoft Azure, AWS (Amazon Web Services).

• Enablon software – or equivalent – nice to have.

• Software development in an Agile environment.

• Security tools: antivirus, firewalls, WAF, SIEM…

• Microsoft 365 – Outlook, Word, Excel, PowerPoint, Teams.

Ability to write documents that are read, adopted, and used by the intended audience

Education:

University degree in general engineering or related to information security, IT, or software development (BAC+5 in France).

Security certifications are valued.

Languages: Fluent in French and English. Dutch is a nice to have.

Location: Bois-Colombes (Hauts de Seine, Paris area) - Hybrid