Emplois actuels liés à Senior Grc Architect - Leudelange - Sopra Steria

**Company Description**
Sopra Steria offers tailored, end-to-end corporate technology and software solutions to help clients make bold choices and deliver results. Successfully so With more than

56.000 colleagues in 30 countries, we rank as Europe’s leading digital solutions provider. Some of the most successful companies in Europe rely on our technology due to our commitment to innovation, collaboration, and value in business development.

The world is how we shape it. Let’s shape it together.

Cybersecurity is an always-on field, so you’ll stay advised of all the latest trends and compliance regulations and always be ready to conduct threat analysis, risk management, and incident response quickly and effectively. To stay on the front foot, our cybersecurity experts will be familiar with the latest security tools, implementing firewalls, and conducting vulnerability assessments.

Our cybersecurity colleagues will excel in ethical hacking and penetration testing, with strong communication skills to collaborate effectively with other departments. This ensures that their assets meet security standards, maintain confidentiality, and contribute to safeguarding the systems. After all, there’s no cyber without cybersecurity.

We are seeking a proactive, communicative and experienced GRC Architect to join our dynamic and innovative team. With a strong background in Information Security Management Systems (ISMS), IT risk management and compliance audits, you will play a crucial role in protecting our clients from evolving digital threats and supporting them with the information security risks they are facing. Our projects are diverse and challenging, across all industries and markets (private/public).

**Responsibilities**:

- Good knowledge of compliance standards: spearhead compliance projects to certify that all corporate information systems meet or exceed these benchmarks.

**Assessment and Management**:

- Conduct thorough risk assessments to identify potential security threats and vulnerabilities within the organization's IT environment.
- Develop and maintain a risk management framework to evaluate and prioritize security risks.
- Propose and implement risk mitigation strategies to reduce the organization's risk exposure.

**Policy and Compliance**:

- Ensure compliance with industry standards, regulations, and best practices such as ISO 27001, eBios, NIST, GDPR.
- Develop and enforce security policies, procedures, and guidelines to safeguard the organization's information assets.
- Monitor compliance with security policies and procedures and address any deviations.

**Security Solutions Implementation**:

- Evaluate and recommend new security technologies and tools to enhance the organization’s security posture.

**Communication**
- Provide security-related guidance and training to employees, fostering a culture of security awareness.
- Knowledge sharing and mentorship: Offer expert advice and training to team members and stakeholders on compliance standards, best practices in system security, and technical procedures, including those related to cloud security solutions. Ensure all team members possess the necessary knowledge and skills to support compliance and security efforts effectively.

**Qualifications**

**You have knowledge and experience of the following**:

- 10+ years' experience in multiple IT areas and working in security design functions.
- Cybersecurity knowledge and experience is required.
- Cloud
- certification or proven expertise in AWS security solutions are a plus.
- Advanced Cybersecurity Certification (e.g. CISSP, CISM, or equivalent) is a differentiator.
- Very good understanding of network security concepts.
- Excellent understanding of authentication and authorisation mechanisms and protocols
- Cryptography and latest cryptographic standards, including PKI
- Working knowledge of the OWASP Top 10
- Full-stack knowledge of IT infrastructure: Applications, Databases, Operating systems — Windows, Unix, and Linux, IP networks — WAN and LAN, Knowledge of DevSecOps, Knowledge of API Architectures
- Ability to work and communicate in a multi-cultural environment.
- Service-oriented mindset.
- Ability to communicate in writing and verbally in a clear and concise manner.
- Initiative, accuracy, and attention to detail
- Fluency in English (written and spoken) is essential. Any other European language is a plus.

**What we can offer you**

As a member of one of Europe’s largest digital solutions providers, you’ll benefit from extensive career development opportunities, both local and international. At the Sopra Steria Academy, you’ll be part of a dynamic network of 56,000 professionals at all stages of their careers. With a wide array of offices to explore, you can find your ideal location and take the next step in your career.

We offer a generous employee benefits package that includes:

- Access to our Sopra Steria training and personal development academy
- A compan