What will your mission be?

The Information Security Officer is responsible for assisting the implementation, operation, monitoring and administration of a variety of tools and processes to protect company information in accordance with the Information Security Program and related policies.

Which tasks will you be working on?

• Develops Information Security, processes, procedures, standards, guidelines, and the training of staff.
• Manage the operation and improvement of IT security domains such as:
  • Vulnerability Management
  • Privileged Access Management
  • Incident Response
    • Managed Detection and Response
    • SOC/SIEM
    • Security Logging Infrastructure
  • Endpoint Security
  • Security Awareness
  • Governance, Risk and Compliance
  • Cryptography, Keys and Certificates
  • Configuration Management (Hardening)
• Responsible for the implementation of improvements to the effectiveness of the Information Security Program and its operations.
• Coordinate periodic internal security reviews and risk assessments; support internal and external information security audits.
• Support vulnerability assessments and security testing tools to identify security vulnerabilities and weaknesses and ensure consistency and compliance with established standards and security policies
• Identify and respond to security incidents, both technical and non-technical, define the remediation plan and remediation activities.
• Liaise with the EDF Group Cyber Group Office (GCO), EDF CERT and SOC, aligning on:
  • Procedures around incident response and vulnerability management
  • Compliance with the internal control framework
  • Implementation of the Cyber Memorandum.
• Keep up to date with the security field, including emerging vulnerabilities
• Establish and maintain strong working relationships with the departments involved with information security (Operations, Development, IT, Legal, Human Resources, and others)
• Perform other duties to support the technical and operational security of the organization as required

• In-depth experience of security domains, architectures and issues.
• Knowledge of SOC and SIEM tools.
• Knowledge of ISO27001/NIST Cybersecurity Framework.
• Fair understanding of Infrastructure and software generic components (network technology , Operating systems , DBMS, development languages, …).
• Fair Knowledge of Service Management tools.
• Strong analysis skills, eager and driven to deliver quality.
• Self-starter mindset
• Correct communicator, able to interact with different levels in the organization.
• Proficient in English verbal & written, able to speak French or Dutch.
• You hold a Bachelor’s degree in exact sciences or you have gained equivalent knowledge by relevant work experience.