Chief Information Security Officer CISO HF

The job posting is outdated and position may be filled
Job Location

Aix-en-Provence - France

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

We are a large, renowned, fast-growing e-commerce company specializing in high-end online travel experiences. Security is a strategic priority to maintain the trust our customers have placed in us.

Our goal is to protect our assets, manage risk, ensure compliance with regulatory requirements (e.g. PCI DSS v4, GDPR), and build customer trust, all while supporting innovation in our technology and operations and a profound transformation of our systems to enable and power our ambitious growth objectives.

We are looking for a Chief Information Security Officer (CISO) who will define and execute a global security strategy, lead risk management efforts, and foster a strong security culture across the company. This role will be pivotal in securing our evolving infrastructure, enhancing governance, and demonstrating business impact through security initiatives.

 

Key Responsibilities 

1. Define, Drive, and Execute the Security Strategy & Roadmap

  • Develop and maintain a comprehensive security strategy that covers technical, organizational, and physical security aspects.
  • Build and execute a structured security roadmap aligned with the company's business and technical transformation.
  • Identify, assess, and prioritize information security risks (technical, organizational, human) and define appropriate mitigation plans.
  • Ensure compliance with industry regulations and standards (PCI DSS v4, GDPR, and other relevant frameworks) in collaboration with legal and business teams.
  • Regularly report security progress, risks, and achievements to the Chief Digital Officer (CDO) and the Executive Committee (ExCom) through Quarterly Business Reviews (QBRs).

 

2. Proactive Risk Management, Automation & Business Impact

  • Implement risk-based security measures and establish a continuous improvement approach for security operations.
  • Develop automated security dashboards to provide real-time visibility on security posture, including risks, incidents, and security initiatives.
  • Demonstrate tangible business impact of security actions (e.g. revenue protection, reduced fraud, SLA adherence, strengthened partner trust).
  • Establish Key Performance Indicators (KPIs) to measure security effectiveness and ensure alignment with business objectives.

 

3. Technical, Physical, and Network Security

  • Oversee physical security measures (e.g. access controls, video surveillance, alarms) in coordination with infrastructure and facilities teams.
  • Ensure the security of networks, cloud infrastructure, and hybrid environments (on-premises, cloud).
  • Secure our API-driven, microservices-based architecture, working closely with DevOps and cloud teams.
  • Drive Security by Design and Zero Trust principles in all technology initiatives.

4. Leadership, Team Management & Cross-Team Collaboration

  • Collaborate with product, data, engineering, infrastructure, and legal teams to integrate security across all business functions.
  • Work alongside the Office IT Manager for security-related actions within Microsoft environments (Active Directory, Office 365, MFA, etc.).
  • Foster executive buy-in and ensure that security is seen as a business enabler, not a blocker.

5. Security Awareness & Culture Development 

  • Promote a strong security culture throughout the company, ensuring all employees understand their role in cybersecurity.
  • Implement company-wide security awareness programs, including phishing simulations and best practices training.
  • Act as a trusted advisor on security matters, maintaining a pragmatic and educational approach.

6. Data Protection, GDPR & Third-Party Risk Management

  • Ensure compliance with GDPR and data privacy regulations, working closely with legal teams.
  • Oversee data protection, anonymization, and secure storage practices.
  • Manage third-party risk by ensuring vendors and partners meet security standards before integration.

7. Incident Management & Continuous Improvement 

  • Establish a structured incident management process covering detection, response, mitigation, and post-incident reviews.
  • Lead internal and external security audits, including penetration tests, organizational security reviews, and compliance assessments.
  • Stay ahead of emerging cybersecurity threats and adapt security strategies accordingly.

8. Budget & Security Investments 

  • Define and manage the security budget, ensuring cost-effective investments in security tools and technologies.
  • Justify security spending by demonstrating ROI and risk reduction benefits. 

Qualifications:

Technical Skills:

  • Proficiency in IT security tools and concepts:

    • Access management (IAM, SSO, MFA).

    • Infrastructure security (firewalls, VPNs, network monitoring, WiFi security).

    • Application security (OWASP Top 10, API Gateway).

  • Strong knowledge of standards and certifications: PCI DSS, ISO 27001, GDPR (in collaboration with the legal team).

  • Experience in hybrid environments (on-premise, cloud) and transformation projects.

  • Advanced skills in dashboard creation and automated reporting, with a focus on demonstrating business impact (tools like Power BI, Tableau, or security-specific solutions).

Soft Skills: 

  • Leadership and Influence: Ability to mobilize and convince diverse stakeholders, including COMEX members.

  • Business-Oriented Vision: Capable of translating security actions into tangible business results.

  • Autonomy and Structure: Skilled at prioritizing and structuring projects in a complex and evolving environment.

  • Pedagogy and Communication: Ability to simplify technical issues and foster adoption of security priorities.

  • Results-Driven: Transforming action plans into measurable and impactful outcomes.

Experience and Education: 

  • Significant experience (5 years) as a CISO, RSSI, or security expert in a related environment (e-commerce, SaaS, cloud).

  • Knowledge or interest in the travel industry (ticketing, GDS connectivity, etc.) is a plus.

  • Engineering degree or Master's in cybersecurity. Certifications preferred: CISSP, CISM, ISO 27001 Lead Auditor/Implementer.

 

Why Join Us 

  • A Strategic Role: Be at the heart of the company's digital transformation and security efforts.

  • Strong Autonomy: Structure a long-term vision while relying on internal and future technical resources.

  • Exciting and Varied Challenges: Hybrid architecture, technological overhaul, and security governance.

  • Stimulating Environment: Collaboration with multidisciplinary teams and cutting-edge technologies (cloud, microservices).


Additional Information:

You'll love joining us...

  • At Voyage Privé, the entrepreneurial adventure is a reality: take on ambitious and fulfilling projects while joining a company committed to the growth of its teams.

  • Live in the South of France in an exceptional natural, economic, and cultural environment, on a modern, digital, and eco-responsible campus.

  • Find your own balance with up to 2 days of telecommuting per week, which you can concentrate on one week at a time, up to 4 times a year.

  • Put meaning back into your work and discover a unique ecosystem creating bridges between worlds that are often far apart: the economic, sporting, academic, and social worlds, and take part in one of the Vision projects (Ecole des XV, Provence Rugby, VP Green, Les Tremplins, Chez Pierre).

  • Cancel your sports subscription! Access our large Campus gym morning, noon, and night, and play Padel whenever you like on our court reserved exclusively for Voyage Privé employees...

  • Live to the rhythm of Voyage Privé's various Business & Fun highlights (Company Breaks, Carnival, Annual Convention...), take part in meetups and talks, and enjoy free tickets to every Provence Rugby home match, or dance to the sounds of the Dalida Institute!

  • Would you like to take advantage of our getaway offers? Benefit from up to 20% off our irresistible prices.


Remote Work:

No


Employment Type:

Full-time
