Third-Party Cyber Risk Manager
HumanaSalary not specified
Not SpecifiedCompensation
Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Technology, Consulting, CybersecurityIndustries
Requirements
- Bac+5 (École d’ingénieur, Université ou équivalent) en informatique, idéalement avec spécialisation en sécurité
- Au moins 5 ans d’expérience sur un poste au sein d'une équipe GRC
- Compétences en analyse de risques
- Bonnes connaissances des solutions SSI et des normes (ISO 27001/22301, CNDP, NIST, PCI-DSS…)
- Idéalement certifié
- Anglais courant impératif
- Importance accordée à la veille
Responsibilities
- Définir, maintenir et diffuser le cadre de gouvernance sécurité (PSSI, chartes, politiques, normes)
- Accompagner les métiers et les projets dès la conception (Security by Design / Privacy by Design)
- Contribuer à la sécurisation des architectures (on-prem, réseau, applicatif, data, cloud, hybridation)
- Challenger et cadrer les environnements Cloud (Azure/AWS/GCP) sur les aspects conformité & contrôle
- Intégrer la sécurité dans les chaînes CI/CD et DevSecOps (requis, revues, outils SAST/DAST/IAST/Secrets)
- Piloter la gestion des risques IT & métiers (carto, analyses, plans de traitement, suivi)
- Superviser la conformité réglementaire et normative (ISO 27001/22301, CNDP, NIST, PCI-DSS…)
- Piloter les audits, BIA, PRA/PCA, tests, exercices de crise et plans de remédiation
- Conduire et soutenir les actions de sensibilisation et culture cybersécurité à l’échelle du groupe
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
Is remote work available for this position?
Télétravail is available on a large part of our missions, with a Flex Office environment available to everyone all the time to promote communication and collaboration.
What is the required experience for this role?
Candidates need at least 5 years of experience on a position within a GRC team, along with a Bac+5 degree in computer science ideally specialized in security.
What key skills are needed for the Consultant cybersécurité GRC role?
Required skills include competencies in risk analysis, good knowledge of SSI solutions and standards, staying up-to-date with industry veille, and fluent English.
What does the company culture look like at Act digital?
The company emphasizes employee development with expert communities, nearby project and HR support, annual training and certifications, expertise path recognition, international mobility, and intrapreneurship opportunities.
What makes a strong candidate for this position?
A strong candidate has 5+ years in a GRC team, a Bac+5 in IT with security focus, risk analysis skills, SSI and standards knowledge, certification ideally, commitment to veille, and fluent English.
A1M Solutions
Design and data support for government healthcare
About A1M Solutions
A1M Solutions specializes in providing design, data, and policy-informed support for government healthcare programs, with a focus on serving disadvantaged populations. The company leverages expertise in government healthcare programs, data analysis, and policy/legislation to design effective business strategies and enhance digital service delivery, utilizing agile research and insights to untangle complex problems and generate thoughtful solutions.
Chico, CA, USAHeadquarters
2018Year Founded
VENTURE_UNKNOWNCompany Stage
Consulting, Social ImpactIndustries
11-50Employees
Related Jobs
RemoteRemoteSecurity Architect
EarnestSalary not specified
Full Time
Expert & Leadership (9+ years)
RemoteGRC Manager
BasetenSalary not specified
RemoteSr. Information Security Analyst
ValonSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Engineer, Cloud Security
Red Cell PartnersSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteCopy of Security Consultant
Maze$120,000 - $140,000/year
- Full Time
- Junior (1 to 2 years)
RemoteCompliance Manager
Danaher CorporationSalary not specified
RemoteSr. IT & Cyber Operations Analyst (Remote)
CrowdstrikeSalary not specified