Information Security Analyst - Business Security and Compliance

Description du poste:

How will you CONTRIBUTE and GROW?

The Security Analysts ​​​supports the Information Security Officer to uphold Governance, Risk Management, and Compliance standards across Digital & IT​ environments. Security analysts are essential in maintaining the cybersecurity integrity of the company's IT and OT systems, as well as its sensitive data by ​ensuring adherence of Digital & IT operations to established ​Global security governance.​

This role integrates into a global cybersecurity organization characterized by a rich diversity of cultures, local and global operational requirements, and complex technological landscapes.
Main responsibilities:

* Ensure alignment with Global Cyber security Framework
* Enforce policies, procedures and guidelines.
* Define risk, remediation plans and compensation controls to reduce risk through the use of Deviation Action Treatment Plans (DTAPs)
* Conduct Security Risk Assessments using Group Tools and Processes.
* Review cyber security risks for Vendor, Suppliers, Contractors and other Third-Parties
* Lead the process of critical digital asset compliance including stakeholder communications, reporting, review of evidence and maintaining compliance score
* Identify privacy and other regulatory requirements including AI evaluations
* Assess compliance with Global Cyber security Framework throughout the data and application life cycle (CDA's, Global ERP systems)
* Assist in cyber crisis management response and/or cyber crisis simulations
* Coordinate cyber security incident response with identified stakeholders to define and minimise impact.
* Provide support Digital and IT Audits by providing responses and evidence related to cyber security controls.
* Lead rules of engagement, scope of work assessments and logistics for penetration testing engagements as well as lead Penetration Testing Efforts (IT & OT)
* Act as Cyber security expert within the organisation.

___________________

Are you a MATCH?

Mandatory requirements:
* 4-7 yr of experience in Cyber Security, risk management, and/or compliance
* Certifications in information security and/or cyber security like CISSP, CISM, CGRC.
* Level of English C1

Desired Skills:
* Knowledge of security control frameworks and standards such as SOC2, ISO 27001, NIST, etc.
* Experience securing cloud-based environments.
* Experience with regulatory requirements.

Our Differences make our Performance

At Air Liquide, we are committed to build a diverse and inclusive workplace that embraces the diversity of our employees, our customers, patients, community stakeholders and cultures across the world.

We welcome and consider applications from all qualified applicants, regardless of their background. We strongly believe a diverse organization opens up opportunities for people to express their talent, both individually and collectively and it helps foster our ability to innovate by living our fundamentals, acting for our success and creating an engaging environment in a changing world