Information Security Officer
What will your mission be?
The Information Security Officer is responsible for assisting the implementation, operation, monitoring and administration of a variety of tools and processes to protect company information in accordance with the Information Security Program and related policies.
Which tasks will you be working on?
- Develops Information Security, processes, procedures, standards, guidelines, and the training of staff.
- Manage the operation and improvement of IT security domains such as:
- Vulnerability Management
- Privileged Access Management
- Incident Response
- Managed Detection and Response
- Security Logging Infrastructure
- Endpoint Security
- Security Awareness
- Governance, Risk and Compliance
- Cryptography, Keys and Certificates
- Configuration Management (Hardening)
- Responsible for the implementation of improvements to the effectiveness of the Information Security Program and its operations.
- Coordinate periodic internal security reviews and risk assessments; support internal and external information security audits.
- Support vulnerability assessments and security testing tools to identify security vulnerabilities and weaknesses and ensure consistency and compliance with established standards and security policies
- Identify and respond to security incidents, both technical and non-technical, define the remediation plan and remediation activities.
- Liaise with the EDF Group Cyber Group Office (GCO), EDF CERT and SOC, aligning on:
- Procedures around incident response and vulnerability management
- Compliance with the internal control framework
- Implementation of the Cyber Memorandum.
- Keep up to date with the security field, including emerging vulnerabilities
- Establish and maintain strong working relationships with the departments involved with information security (Operations, Development, IT, Legal, Human Resources, and others)
- Perform other duties to support the technical and operational security of the organization as required
- In-depth experience of security domains, architectures and issues.
- Knowledge of SOC and SIEM tools.
- Knowledge of ISO27001/NIST Cybersecurity Framework.
- Fair understanding of Infrastructure and software generic components (network technology , Operating systems , DBMS, development languages, …).
- Fair Knowledge of Service Management tools.
- Strong analysis skills, eager and driven to deliver quality.
- Self-starter mindset
- Correct communicator, able to interact with different levels in the organization.
- Proficient in English verbal & written, able to speak French or Dutch.
- You hold a Bachelor’s degree in exact sciences or you have gained equivalent knowledge by relevant work experience.