Information Security Governance Consultant

Join a dynamic and passionate team where you will have the opportunity to fully invest yourself, innovate, and contribute within the fields of expertise we tackle. At Excellium, listening is a core value that fosters integration within our family.

Understanding our business and the challenges faced by our customers is a continuous priority. To support this, you will participate in workshops, training sessions, and events to update your knowledge. We will also help you enhance your skills by assigning you to challenging and exciting projects that align with your profile.

**Be Part of a Great Team**

As an Information Security Governance Consultant, you will work within the Information Security Governance (ISG) department. This multidisciplinary team comprises experienced and junior consultants, each specializing in various areas of information security governance and consulting.

**Key Services Provided by the Team**:

- Developing security strategies and short, medium, and long-term security programs.
- Establishing governance frameworks, including security policies.
- Managing information security risks.
- Supporting resilience efforts such as BCP/DRP, incident management, and cyber crisis management.
- Enhancing cloud service security.
- Assisting with regulatory compliance (e.g., GDPR, CSSF) and standards compliance (e.g., ISO 27001, NIST CSF, CIS 20).
- Acting as a CISO or providing CISO support within organizations.
- Conducting information security maturity assessments and audits.

The ISG team’s mission is to translate clients’ business needs into information security requirements, helping them increase their security maturity through well-defined approaches.

**Your Mission**

As an Information Security Governance Consultant, your structured risk approach and knowledge of implementing security measures in organizations will be critical. Your primary goal will be to assist clients in implementing their strategies by:

- Identifying security projects to initiate.
- Assessing the maturity of controls.
- Advising on risk treatment strategies.

Your role is to ensure that information security becomes a key value driver for organizations while adopting pragmatic, field-oriented solutions.

**Ideal Profile**

**Your Skills**
- Deep understanding of how governance structures information security approaches.
- A keen interest in cybersecurity and its evolving challenges.
- Strong communication skills, capable of conveying clear messages to diverse audiences (Management, CISO, IT, Business, etc.).
- Excellent writing and analytical abilities.
- Structured, organized, and able to propose methodical approaches.
- Ability to take a step back and adopt a long-term vision for addressing problems.
- Familiarity with security standards such as ISO 27001, NIST CSF, CIS 20, SWIFT, etc.
- Possession of certifications such as CISSP, ISO27001 Lead Implementer/Lead Auditor, ISO27005 Risk Manager, or CISM.
- Understanding of technical issues related to information systems (e.g., networks, systems).
- Language proficiency:

- French: Fluent to native (C1-C2 level, written and oral).
- English: Good (minimum B1 level, written and oral).

**Desired Attributes**
- Team-oriented, with a positive mindset and readiness to collaborate.
- Dynamic, reactive, ambitious, and independent.
- Creative and willing to take the initiative.
- Adaptable and eager to participate in a rewarding professional adventure.

If you are passionate about information security, eager to learn, and keep up-to-date on the latest security breaches and technological advances, we encourage you to apply

Pay: From €46,000.00 per year

Application Deadline: 20/01/2025
Expected Start Date: 27/01/2025