Permanent contract (CDI), based in Rennes.
Your role and responsibilities:
Within the IT department, we are looking for a Chief Information Security Officer (CISO) on a permanent contract. The position is to be filled in Rennes.
Reporting to the IT Manager, you will be responsible for the following subjects:
- Define the IT security policy:
- Define objectives and needs in coordination with the IT Manager and business managers.
- Define and write the information system security policy (PSSI) and the IT charter.
- Define the norms and standards of IT security in line with the nature of the company’s activity and its exposure to IT risks.
- Monitor legal developments in the market in terms of security in order to guarantee the compliance of the IT with individual and collective law, in particular with the GDPR.
- Implement, monitor the security system, ensure the security of the IT, identify risks and be proactive:
- Make methods consistent, rationalize security tools and support their implementation within the company and users.
- Participate in the choice of technical solutions to meet security requirements (example: hardening workstations and servers, securing networks, virtualization systems, centralized authentication and strong authentication, IT supervision, securing sensitive data, checking the operation of backups, etc.)
- Participate in the management of projects, the implementation of tools (tests, documentation) in compliance with the standards in force.
- Bring the IT security system into conformity with the standards in force (i.e. IS027001) and write the operational procedures.
- Personally carry out continuous monitoring and internal audits of the security system to detect weaknesses and risks.
- In collaboration with the IT team, you will participate in the monitoring of the IT, its maintenance in operational condition and its resumption of activity in the event of a disaster.
- In collaboration with the IT Manager, you will define the Business Continuity Plan (BCP) and Business Resumption Plan (BRP) on the IT aspects of the company.
- Set up training and awareness sessions for employees on best practices in cybersecurity.
Education, Experience & Skills:
With a higher education (Bac +5) in computer science, you ideally have several experiences as a CISO in an international context.
You have maintained an appetite for technique, and have developed several skills that complement the function over the years.
The resolution of security incidents and crisis management are situations that you have experienced and for which you have organizational and technical solutions to offer.
- Good means of communication, pedagogy and spirit of synthesis.
- Rigor and method in your activities.
A fluent level of English would be appreciated for this post.
A fluent level of French is required for this position.
To apply, please send only PDF. Word documents will not be opened.