Information Security Governance Consultant

Company Description

The client is a consulting and technology integration firm specialising in the security of intangible assets.

**Job Description**:
As part of a dynamic and passionate team, you will have the opportunity to fully invest yourself, to innovate and to create in the fields of expertise we deal with. Listening is one of our key values, which helps everyone feel integrated within the family. Understanding our business as well as the challenges our customers face is a continuous need. This is why you will regularly take part in workshops, training sessions and events to update your knowledge. We will also help you level up your skills by positioning you on great and challenging projects adapted to your profile.

Be part of a great team

As an Information Security Governance Consultant, you will be part of a multidisciplinary team and you will work in the Information Security Governance department. The team is made of experienced and junior consultants with a mix of specialties proper to each consultant. The team is in charge of information security governance consulting and support. We also provide services in the following areas:

- Definition of an organization’s security strategy and establishment of its short, medium and long-term security program;
- Management and organization of information security and establishment of the governance framework (security policies);
- Information security risk management;
- Resilience support (BCP/DRP, incident management, cyber crisis management, etc.);
- Cloud services security;
- Support for regulatory compliance (GDPR, CSSF, etc.) and standards compliance (ISO 27001, NIST CSF, CIS 20 certification);
- CISO support or CISO function within an organization take-over;
- Information security maturity assessment and audit.

The objective of the services provided by the Information Security Governance team is to understand and analyze the business needs of our clients and to decline them into Information Security requirements. Therefore, the team is able to assist clients in their maturity increase through the different approaches defined within the department.

Your mission as an Information Security Governance Consultant:
As an Information Security Governance consultant, mostly known as ISG, you will first need to have a structured risk approach and a good knowledge of the implementation of security measures in organizations. Your main objective will be to assist our clients in the implementation of their strategy by identifying the security projects to be initiated, assessing the maturity of controls and advising the choice of treatment to be adopted regarding the risks organizations are facing. The objective is to make information security a determining element in the value of the company while being pragmatic with the realization of the field.

**Qualifications**:

- You have an Engineer level or equivalent (Master) and you have at least 3 years of experience in a similar position.
- You are passionate about Information Security and have the ambition to work in the governance aspects of the business. From an engineer level or equivalent, you possess the necessary knowledge to manage Information Security and its risks.
- Your skills as an Information Security Governance Consultant
- You understand how governance can structure an information security approach;
- You are constantly on the lookout for issues related to cybersecurity;
- You communicate with ease and you know how to convey clear messages to different interlocutors (Management, CISO, IT, Business, etc.);
- You have strong writing and analytical skills;
- You propose structured approaches and are organized in your work;
- You are able to step back from a problem and have a long-term vision of how to address it;
- You are familiar with SCADA environments and security standards (ISO 27001, NIST CSF, CIS 20, SWIFT, etc.);
- You possess certifications such as CISSP, ISO27001 Lead Implementer / Lead Auditor, ISO27005 Risk Manager, CISM, etc;
- You understand the technical issues specific to information systems (networks, systems, etc.);
- Level required in French: fluent to native (written and oral) equivalent to C1-C2;
- English level required: good (written and oral) equivalent to minimum B1.

You have a good state of mind, you’re capable of working within a team and ready to take part in a great adventure. You are also dynamic, reactive, ambitious, creative, independent and you are not scared to share your mind. You have capacities to adapt and to take some initiatives.

You are a great passionate about Information Security, you are keen to learn and on the lookout for the latest news on security breaches and technological advances then apply

Expected skills: Analytical Skills, Governance, Management, Information Systems, Swift (Programming Language)

Additional Information
- This is a new position
- Fixed salary + variable
- Company car or leasing budget
- Petrol card (even if the person d