Job description
Direct Responsibilities:
- Manage the risks of the Cloud related projects
Assist of the Risk Assessment process in collaboration with the different stakeholders
Bring subject matter expertise on Cloud Technologies, especially on Data protection linked to the Group Standards and the different Regulator
Ensure the conformity of the security deliverables as part of the Security into projects
Identify application-level vulnerabilities, exceptions, non-conformity and assess their related risks
Assess IT Risks, identify remediation plan, follow up and track their deployment
Maintain the process documentation linked to Cloud
- IT Risk, Continuity & CyberSecurity Lead on Strategic WMIS Program
Assist on the Group CyberSecurity Program deployment
Lead the IT Transformation program from IT Risk, Continuity & Cyber perspective
- IT Security architecture
Reviewing, and approving the security requirements for applications and IT setup
Ensure the compliance level of the applications with the Security architecture standards including Third-party and cloud security risks.
Ensure the protection of business data with an adequate security level of assets based on review processes.
Identify the IT security risks in advance, record, and follow-up on them.
- Transversal Security Projects
Participate and follow-up on different transversal initiatives. Ensure the progress and the follow-up of the different initiatives and report it to the management
Identify, record and report on IT Risks identified throughout the different initiatives
- IT security compliance
Ensure the alignment with the Group and GAIM security policies, for both project and production assets
Ensure the compliance with regulatory bodies requirements
Leveraging on a deep knowledge of Security standards such as NIST, CIS, ISO2700x , ensure the compliance with the IT security requirements
Ensure the compliance with the Third-party Technology risks and the Cloud security
- IT Data Management and Data analytics/science technologies
Keep up with the knowledge of Data security and protection regulatory landscape and related measures.
Understand the Data analytics and data sciences technologies
Ensure the solutions of Data Management, Data analytics and data science solutions are implemented with the Group security architecture requirements.
Identify the IT security risks in advance, record and follow-up them.
Ensure the regular reporting to the management.
- Coordination with IT Security actors
Alignment on the objectives and means, contribution to the different global reporting.
Coordination with the Global security teams concerning integration of WM assets within production sites.
Keeping abreast of initiatives by the IT Security community within the Group and other IT Security stakeholders within the Group.
Contributing Responsibilities:
- Participate in the evolution of Security Posture
Participate in the deployment of new security practices and DevSecOps pipeline
Ensure that SSDLC practices are well followed
Take part in the awareness and training activities
Report on the risks and security deviations identified
Requirement:
- 5-8 years experience in information security and IT risk management.
- Experience in evaluation and design of technical architectures and processes
- Functional as well as technical knowledge of the common architecture and Cybersecurity frameworks and solutions
- Strong knowledge in secure development and SSDLC processes
- Knowledge of the Norms and Standards of the banking and cybersecurity industry
Equal opportunity
Amaris Consulting is proud to be an equal opportunity workplace. We are committed to promoting diversity within the workforce and creating an inclusive working environment. For this purpose, we welcome applications from all qualified candidates regardless of gender, sexual orientation, race, ethnicity, beliefs, age, marital status, disability or other characteristics.
Who are we
Amaris Consulting is an independent technology consulting firm providing guidance and solutions to businesses. With more than 1000 clients across the globe, we have been rolling out solutions in major projects for over a decade this is made possible by an international team of 7500 people spread across 5 continents and more than 60 countries. Our solutions focus on four different Business Lines: Information System & Digital, Telecom, Life Sciences and Engineering. Were focused on building and nurturing a top talent community where all our team members can achieve their full potential. Amaris is your steppingstone to cross rivers of change, meet challenges and achieve all your projects with success.
At Amaris, we strive to provide our candidates with the best possible recruitment experience. We like to get to know our candidates, challenge them, and be able to give them proper feedback as quickly as possible. Here's what our recruitment process looks like:
Brief Call: Our process typically begins with a brief virtual/phone conversation to get to know you! The objective Learn about you, understand your motivations, and make sure we have the right job for you!
Interviews (the average number of interviews is 3 - the number may vary depending on the level of seniority required for the position). During the interviews, you will meet people from our team: your line manager of course, but also other people related to your future role. We will talk in depth about you, your experience, and skills, but also about the position and what will be expected of you. Of course, you will also get to know Amaris: our culture, our roots, our teams, and your career opportunities!
Case study: Depending on the position, we may ask you to take a test. This could be a role play, a technical assessment, a problem-solving scenario, etc.
As you know, every person is different and so is every role in a company. That is why we have to adapt accordingly, and the process may differ slightly at times. However, please know that we always put ourselves in the candidate's shoes to ensure they have the best possible experience.
We look forward to meeting you!
