Cybersecurity Risk Analyst

il y a 1 semaine

AuvergneRhôneAlpes, France Salomon Temps plein
Company Description

Amer Sports is a sporting goods company with internationally recognized brands including Salomon, Arc'teryx, Peak Performance, Atomic and Wilson.

"The Mountain Sport Company", Salomon was born in 1947 in the heart of the French Alps and the birthplace of modern alpinism. Salomon's commitment to innovative design and passion for mountain sports created a vast range of revolutionary new concepts in bindings, boots, skis and apparel for both Alpine and Nordic skiing and brought innovative solutions to footwear, apparel and equipment for snowboarding, adventure racing, mountaineering, hiking, trail running, and many other sports.

Through performance driven design, Salomon delivers innovation and progression to mountain sports; converting new ideas into action and expanding the limits of possibility. Salomon's heritage, culture, and commitment are tied together by one simple concept: the world's leading mountain people creating the world's leading mountain products. Salomon is responsibly committed towards the outdoor through its sustainability Program. Diversity is one of Salomon's five values, therefore we are committed to creating an inclusive environment for all.

Salomon is headquartered in Annecy, France.

Job Description

We are looking for our new Cybersecurity Risk Analyst

The main responsibilities of the role are as below:
  • Cybersecurity Risk Analysis: Establish and monitor the risk analysis process for both IT and business sectors.
  • Support Teams: Assist IT DevSecOps, business teams, and application owners in performing risk analyses.
  • Secure by Design: Ensure projects and applications are delivered with security integrated from the start.
  • Security Architecture Review: Identify gaps in security architectures and negotiate remediation plans with application owners.
  • Risk Expert Role: Act as a cybersecurity risk expert and advocate for IT and business stakeholders.
  • Risk Posture Evaluation: Assess risk posture and maintain relationships with the Cyber Security & Risk Management (CSRM) team, IT teams, and business teams.
  • Training: Conduct risk analysis awareness training sessions.
  • Vendor Assessments: Organize assessments with vendors and subcontractors.

Nous recrutons notre nouveau Cybersecurity Risk Analyst

Les principales responsabilités du poste sont les suivantes:
  • Analyse des Risques de Cybersécurité : Établir et suivre le processus d'analyse des risques pour les secteurs IT et business.
  • Support aux Équipes : Assister les équipes IT DevSecOps, les équipes business et les propriétaires d'applications dans la réalisation des analyses de risques.
  • Sécurité par Conception : S'assurer que les projets et applications sont livrés avec les exigences de sécurité intégrée et ce dès le début du projet.
  • Revue de l'Architecture de Sécurité : Identifier les risques liés aux infrastructures techniques et les applications pour négocier des plans de remédiation avec leurs propriétaires.
  • Rôle d'Expert en Risques : Agir en tant qu'expert en risques de cybersécurité auprès des parties prenantes IT et business.
  • Évaluation de la Posture de Risque : Evaluer la posture de risque et maintenir un echange permanent avec l'équipe de Gestion des Risques et de la Cybersécurité (CSRM), les équipes IT et les équipes business.
  • Formation : Animer des sessions de formation sur la sensibilisation à l'analyse des risques.
  • Évaluations des Fournisseurs : Organiser des évaluations avec les fournisseurs et sous-traitants et fournir un avis de sécurité.

Qualifications

The ideal candidate holds a Bachelor or Master's degree in Cybersecurity, Computer Science, Information Technology or equivalent and demonstrate 5 years of experience minimum in a similar role or GRC related (IT audit, risk management or advisory, etc.)

The following Cybersecurity certifications are required for the role:
  • ISO27001 lead auditor or Lead Implementer
  • Risk Manager ISO 27005
  • Certified Information Systems Security Professional (CISSP) or equivalent

Languages: Fluency in English and French

Main skills and competencies required:
  • Relationship Building: the ideal candidate will actively seek to build and cement relationships while fostering proactive communication between stakeholders group.
  • Critical Thinking : the ideal candidate will utilise multiple methods to socialise problems and gather information, consistently applying accuracy, empathy, relevance, precision, and logic in their thinking.
  • Communication: the ideal candidate will demonstrate some good emotional intelligence to be able to adapt their style accordingly to different circumstances and audiences.
  • Collaboration : the ideal candidate will create new collaboration "networks" to achieve goals, recognizing sources of conflict and acting to resolve them to get to win-win outcomes.

Le candidat idéal possède un diplôme de Bachelor ou de Master en Cybersécurité, Informatique, Technologies de l'Information ou équivalent et justifie d'au moins 5 ans d'expérience dans un rôle similaire ou lié à la GRC (audit informatique, gestion des risques ou conseil, etc.).

Les certifications en cybersécurité suivantes sont requises pour le poste :
  • Auditeur principal ou Implémenteur principal ISO27001
  • Gestionnaire de Risques ISO 27005
  • Certified Information Systems Security Professional (CISSP) ou équivalent

Langues : Maîtrise de l'anglais et du français

Compétences et aptitudes principales requises :
  • Création de Relations : Le candidat idéal cherchera activement à établir et consolider des relations tout en favorisant une communication proactive entre les groupes de parties prenantes.
  • Pensée Critique : Le candidat idéal utilisera plusieurs méthodes pour socialiser les problèmes et recueillir des informations, appliquant systématiquement précision, empathie, pertinence, exactitude et logique dans sa réflexion.
  • Communication : Le candidat idéal démontrera une bonne intelligence émotionnelle pour adapter son style en fonction des différentes circonstances et audiences.
  • Collaboration : Le candidat idéal créera de nouveaux réseaux de collaboration pour atteindre les objectifs, reconnaissant les sources de conflit et agissant pour les résoudre afin d'obtenir des résultats gagnant-gagnant.

Additional Information

Permanent contract, Full Time

Job located in Annecy, France.

Poste en CDI à temps complet.

Localisé à Annecy, France.

  • Cybersecurity Architect

    il y a 4 semaines

    Auverge-Rhône-Alpes, France Spie Temps plein

    Description du posteIntitulé de la fonction / posteCybersecurity Architecte DéfensifType de contratDurée indéterminéeNature de contratTemps pleinStatutCadreVotre missionVous serez spécialisé(e) dans les technologies de Sécurité Périmétrique, EDR/NDR, Analyste SOC, Bastion, SIEM. Vos principales missions porteront :AVANT-VENTE : ÊTRE L'ACTEUR CLE...

  • Cybersecurity Architect

    Il y a 2 mois

    Auverge-Rhône-Alpes, France Spie Temps plein

    Description du posteIntitulé de la fonction / posteCybersecurity Architecte Défensif & Intégration H/FType de contratDurée indéterminéeNature de contratTemps pleinStatutCadreVotre missionSpécialisé(e) dans les technologies de Sécurité Périmétrique, EDR/NDR, Analyste SOC, Bastion, SIEM : (TBD), vos principales missions portent :AVANT-VENTE : ÊTRE...

  • Global Cybersecurity Expert

    il y a 1 semaine

    Provence-Alpes-Côte d'Azur, France CMA CGM Temps plein

    CEVA Logistics provides global supply chain solutions to connect people, products and providers all around the world. Present in 170 countries and with more than 110,000 employees spread over 1,300 sites, we are well on our way to achieving our vision: to be a Top 5 global 3PL.We believe that our employees are the key to our success. We want to engage and...

  • Global Cybersecurity Expert

    il y a 1 semaine

    Provence-Alpes-Côte d'Azur, France CMA CGM Temps plein

    CEVA Logistics provides global supply chain solutions to connect people, products and providers all around the world. Present in 170 countries and with more than 110,000 employees spread over 1,300 sites, we are well on our way to achieving our vision: to be a Top 5 global 3PL.We believe that our employees are the key to our success. We want to engage and...

  • Data Solution Expert Sales and Installed Base

    il y a 1 semaine

    Auvergne-Rhône-Alpes, France Biomerieux Temps plein

    A family-owned company, bioMérieux has grown to become a world leader in the field of in vitro diagnostics. For more than 60 years and across the world, we have imagined and developed innovative diagnostics solutions to improve public health. Today, our teams are spread across 45 countries and serve 160 countries with the support of a large distribution...

  • Data Solution Expert Sales and Installed Base

    il y a 1 semaine

    Auvergne-Rhône-Alpes, France Biomerieux Temps plein

    A family-owned company, bioMérieux has grown to become a world leader in the field of in vitro diagnostics. For more than 60 years and across the world, we have imagined and developed innovative diagnostics solutions to improve public health. Today, our teams are spread across 45 countries and serve 160 countries with the support of a large distribution...