Recrutement de 01 Certification and Business Security Officer

Recrutement de 01 Certification and Business Security Officer
Niveau d'études: Non précisé
Expérience: Non précisé
Expire le: 26-10-2022
orange
Cairo, Egypte
Certification and Business Security Officer

Ref : 571419 | 28 Jul 2022

Date limite de candidature : 26 Oct 2022

CityStars, Cairo, Égypte - Egypte

Votre rôle
Your work environment

Within the Performance, Quality and Security division, the GlobalSec Division animates and monitors OBS Security, relying on a community of actors in charge of the Security of their own entity or domain. GlobalSec defines the OBS sectorial security policies (global security management, physical security, security incidents, vulnerability, security audit management, Information Security Management System) in line with Orange Group security policies, and manages the OBS Security Referential. It ensures that OBS entities implement the Orange or OBS sectorial policies, defining their own entity policies on these bases if necessary, and organizes controls via audits or pentests.

GlobalSec manages main processes or activities such as security certification management, Vulnerability management; security Crisis management, Suppliers security management, Products Security, including Risks management.

Your mission

As Certification and Business security officer, your mission is to prepare Orange Business Services to cope with the increasing customer demand for trust about the security capabilities of OBS. A central security support is then needed and is organized by the Certification and Business Officer.

This customer support mainly concerns :

- the provision of security certifications such as ISO27001 and SOC reports,

- the capability to answer specific customer security questions in a trusted and timely manner,

- the provision and maintenance of some customer-facing security material that could be used by customer-facing teams or directly made available to customers

The aforementioned activities are organized in a transversal program by the Certification and Business Security officer, with a specific reporting and managed with a project plan.

The Certification and Business Security officer reports to the Chief Information Security Officer of OBS.

Your activities and tasks

The Certification and business security officer’s role is two-fold :

- security certifications : allow OBS to renew each year ISO 27k and SOC1/2 certificates

O coordinating ISO27001 and SOC audits in relation with the auditing company (audit planning, audit controls preparation),

O coordinating and supporting all the departments and affiliates integrated in the scope of OBS certification scheme (ISO27001, SOC1/2), tracking the remediation action plans of audit findings,

O accompanying new entities joining the certification scope

O leading standardization/industrialization/reuse of the certified ISMSs (Information Security Management System) across OBS departments and affiliates, including the evidence collection across all certifications

O including new business needs regarding security certifications

- business security : develop customer confidence on the security of OBS services

O identifying and maintaining the Security Information required by the market and by OBS customers

O maintaining a solid relationship with sales and pre-sales department, and other customer-facing departments requiring Security Information or security expertise

O providing guidance and sponsorship to the compass team (dedicated team in Egypt) in charge of answering customer questionnaires regarding compliance questions

O coordinating customer satisfaction survey relating to the security and protection of OBS services

O ensuring follow-up of customer audits, and adequacy of audit protocols with OBS policies

O maintaining a referential of customer compliance needs, including for some sectorial standards

Votre profil
Your professional experience

Master (or equivalent) including specialization in Cybersecurity or several years of professional experience on Cybersecurity.

Experience in audits and certification programs

Your Skills

Core Competencies

- Cyber defense: knowledge of attack and intrusion techniques and environmental vulnerabilities

- Knowledge of Operating System Security, Network security and protocols

Knowledge of the information system and architecture principles

- Knowledge of governance, compliance norms and standards: mastering audit methodologies

- Legal knowledge of ITN law relating to IS security and data protection

- Cybersecurity technology watch and study of trends

Language Skills

Fluent in both French and English

Entité
Orange Gbl Sol for Business

Contrat
CDI