Security Manager (Hybrid)
In this role
- Responsible for managing multiple Security projects using Agile best practices. This includes planning, coordinating with cross functional teams, tracking status and reporting, communicating to the project team and key stakeholders, and creating the appropriate program documents.
- Keeping in close contact with key program members, decision makers, and stakeholders and being able to effectively communicate the needs and status of the program.
- Managing regular Pentest exercises and security audit projects with Customers.
- Maintaining Security governance (documentation, processes, …).
- Leading standard security audits with external partners.
- Manage program risks through effective identification, mitigation, tracking, and reporting of the identified risks.
- Select appropriate security metrics to measure the success of the program and highlight trends or themes from raw data.
- Build relationships with cross functional teams to help foster program participation and adoption.
- Work with other program managers in the team to share best practices and identify areas of alignment between programs.
- Help create effective communication to articulate program status to management and engineering teams.
The main duties:
- Pentest follow-up with Customers
- Audits annual exercises (PCI, ISO, ISAE …)
- Security processes/documentation maintenance in collaboration with Software Engineering, Cloud and Services Teams
- Security monitoring in collaboration with ECS Security, Corporate Security and ELCA Security
- Security projects (internal or external)
What we offer
- A challenging and professional working environment in a dynamic international team with extensive expertise
- Exciting projects with latest technologies
- An organization with flat hierarchies and collaborations across business departments
- Promoting environment with an attractive real prospect for your professional and personal development.
- Flexible working hours, excellent team spirit and others benefits.
- Good work-life balance (2 days per week from home)
About your profile
- Experience in different security domains such as Network Security, Application Security, Data Security, Vulnerability Management, Client and Cloud Security
- Effectively coordinates and schedules meetings
- Experience in information gathering, tracking, and consolidation
- Experiences with SIEM tools (Wazuh, Sentinel or other)
- Experiences with Vulnerabilities scanners tools (Tenable or other)
- CISM, CISSP, CISA certification
- Experience with contributing to the creation of reports, dashboards, and presentations
- Familiar with risk assessment best practices, effective security metrics, and cybersecurity frameworks
- Used to DevOps approach. Ansible hands expertise a plus
- Strong organizational skills and ability to multi-task in a small team
- System Engineer with at least 5 years’ experience – University degree in Computer Science or equivalent.
- Advanced level of English is mandatory