Information Security Advisor

Your qualifications required

• Operate the CISO Release Management servicefor all development executed by CISO on CISO assets ensuring best practices are applied for smooth transition into (pre) production environment.
  • Identify collect and bundle where appropriate CISO change items into collections of release items verifying their compatibility & assessing their impact on the target environment;
  • Build and maintain high level and detailed CISO releases planning;
  • Perform a quality assessment of the changes through the production acceptance criteria incl. operational readiness security and compliance;
  • Monitor and report risks associated with non-compliance to the System Delivery Life Cycle (SDLC);
  • Prepare reporting on planned releases highlighting residual risks and related mitigation actions to obtain the adequate endorsement;
  • Follow-up on remediation in case of conditional authorization;
  • In case of incidents (during the launch phase or just after) coordinate root cause analysis support teams in charge of the resolution of those gaps and if applicable define & implement mitigations to prevent any new occurrence of similar issue in the future.
• Provide support when SDLC (System Delivery Life Cycle) IT controls fail and ensure an adequate follow-up until the full remediation (limited to Manage Change Acceptance & Transitioning process).
• Reinforce the usage of good practices
  • Be anevangelist within CISO and with other communities in charge of release (Change Managers Product owners Test leads) to ensure the awareness and the right understanding;
• Act as a contact point for CISO resources needing guidance an help on release practices.
• Drive and executesmall to large-scale initiatives aimed at addressing identified gaps or weaknesses within our domain ensuring alignment with organizational standards and objectives.

Skills

To strengthen our team we are looking for a candidate with experience in the following areas:

• Good knowledge to system and software development and testing security guidelines;
  Our IT solutions refer to cloud and on-premises solutions including mainframe and virtual or physical distributed systems;
• Familiarity with methodologies such as Agile DevOps and CI/CD practices with an appetite for learning and adapting to new approaches;
• Good understanding to various information security and cyber domains particularly identity and access management certificate management network security and data protection;
• Ability to build up an overarching while detecting potential pain points and to draw conclusion and priorities;
• Ability to build clear and concise report supporting decision making;
• Team player with strong communication skills collaborative spirit being able to discuss defend and translate risk topics with both senior business people as with deep technical IT experts;
• Independent service-oriented and organized.
• Able to operate within an international/multi-cultural networked environment;
• Fluent in English (speaking and writing).

#LI-NS1