La filiale française d’une banque étrangère recherche un(e) consultant(e) indépendant(e) pour réaliser une mission de longue durée en sécurité de l’information, compliance, réglementation, …

Plus de détails ci-dessous : 

The purpose of the job is to ensure adequate security controls for France, meeting security, privacy and business continuity requirements of ACPR and GDPR and ensuring the information security compliance requirements for the France.

Policies, Systems, Processes & Procedures

Review and ensure the France information security policies are aligned with group policies and practices.

  • Review BRDs, Solution Design, Network Security Design and other security requirements from regional business units and local IT
  • Perform Technology Risk Assessments for new initiatives and Vendor Risk assessment process
  • Good knowledge on Cloud Technology and Service offerings in public and hybrid Cloud models. Solid understanding on Cloud Security Principles, Risk and Control
  • Review and provide recommendations to France policies, standards, guidelines/ processes with respect to ACPR, GDPR regulatory requirements, EBA and Cloud Security
  • Coordinate with business units to define SLA for France
  • Formulate the security strategy and roadmap for France

Information Security

  • Establish contact with local compliance function to receive security updates & circulars
  • Coordinate within group to address risk remediations identified by internal and external audits
  • Monitor and track open issues till closure
  • Assist GSO and BU in attaining information security compliance objectives
  • Identify issues that could impact the bank and escalate any serious issues/ breaches/ violations; develop/monitor action plans for its closure in liaison with local and business
  • With support from Head Office GSO, perform risk assessments for locally implemented IT solutions and track open risk issues to closure
  • Review new regulatory legislations; promptly communicate all regulatory notices/circulars to all concerned areas, provide interpretations if necessary; develop/monitor action plans towards its
  • Assist Head office during Regulatory Examinations; ensure implementation/regularization of observations linked to compliance while meeting the deadline(s).
  • Respond to queries that are sought by local Regulatory Authorities / Law Enforcement Agencies, local management, audit function and Head Office, in timely manner with complete and accurate
  • Coordinate with Business Units to derive annual security SLA
  • Draft periodic MIS reports on international location security health
  • Coordinate with Business Units & HO BCM team for BCP drills, CSIRT exercises & complete annual BIA
  • Report security incidents to GSO and work with respective France stakeholders to address the identified incident

Inform GSO of escalations

  • Security Compliance requirements at France
  • Highlight security status & concerns to
  • Consult with IT and information security staff to ensure that implementation plan is
  • Actively participate and contribute to GSO initiatives
  • Track open Audit issues on information security to closure

Risk assessments for local implementations

Inform HO on any new 3rd party technology vendor for vendor assessment

Authorised to take decisions as per the approved authorisation matrix.

Minimum Qualification

  • Preferably Master’s degree in IT/Information Security
  • Preferably CISA/CISSP or any relevant security certification

Minimum Experience

4 years of experience in security compliance, consulting and practice

Si vous êtes intéressés, merci d’adresser votre CV à en rappelant le poste pour lequel vous candidatez.