Information Security Specialist

Sobre a vaga

Job Description Summary
 

Working in the Information Security Team, the successful candidate will find themselves engaged in all areas of the business at Euronext. Further, the boundaries of the role extend beyond Euronext' perimeters where third parties exist and need to be engaged or responded to.
 

The function is heavily involved in the day to day running of the Information Security practice and wider security program across the organization based on global recognized frameworks (e.g. ISO27001, Cobit, NIST).
 

The successful candidate will be engaged to handle and manage IT audits and risk assessments, IT security architecture, IT security monitoring, third party reviews, compliance checking, and matters of both regulatory and legislative impact including matters relating to, but not limited to, data privacy, cyber legislation, and corporate security best practices.
 

Role Summary
 

The candidate will work very closely with business side staff in the form of executive project sponsors, business analysts, enterprise architects, and project managers. Heavily engaged in processes to establish the security requirements and controls of an initiative, risk assess the requirements, and deliver high and low level security solutions and designs.
 

The successful candidate must have a deep knowledge of all areas of IT technologies, infrastructures, and business systems, coupled with exceptional InfoSec skills. In addition, a thorough understanding of the threat landscape and all security controls that can be used to realize security protection against threat vectors.
 

Candidates must have strong stakeholders management skills and be prepared to present prepared risk analysis results and solutions to all levels of staff and management.
 

Key Accountabilities
 

• Assisting with the implementation and maintenance of the Information Security Program;
   

• Assisting with efforts to align internal security practices with industry best practices and security frameworks commensurate with strategy and the expectations of our clients and regulators;
   

• The handling of project / initiative requirements and processing and communication of requirements;
   

• Risk assessment of projects and initiatives;
   

• The creation, communication, and handling of the approval for Security Solutions created;
   

• Assisting in the drafting and preparation of departmental security document sets;
   

• Keeping track of policy and standards exceptions and the risks aligned to them;
   

• Keep abreast of new risks and trends in the threat landscape that may need to be addressed within information security policies, procedures and standards;
   

• Exhibit a broad knowledge of security compliance and auditing frameworks and apply those to formulate policies, procedures and standards.
   

* The key accountabilities only describe the main activities and is not exhaustive. It evolves depending on the expertise level and ongoing projects.

Your Profile
 

• Past/proven experience working in a team;
   

• Established background in Information Security Risks processes;
   

• Established background in IT/Information Security Audit;
   

• Strong background and knowledge of working with and implementing international security standards and frameworks, such as; ISO27001, ISO27002, ISO27005, NIST, Cobit 5, etc.;
   

• Strong stakeholder management skills;
   

• The ability to interface across the organization with other teams and managers of all levels;
   

• Analytical, judgment, and decision making skills;
   

• Ability to articulate complex security and privacy concepts to business users;
   

• Ability to communicate with clients in a professional manner;
   

• Working / technical knowledge of IT infrastructure and security specific controls;
   

• Security industry certifications are considered a plus, e.g. include; CISA, CISM, CRISC, CGEIT, Cobit 5, ISO 27001 or other security / ISO related certifications.
  
   

We are proud to be an equal opportunity employer. We do not discriminate against individuals on the basis of race, gender, age, citizenship, religion, sexual orientation, gender identity or expression, disability, or any other legally protected factor. We value the unique talents of all our people, who come from diverse backgrounds with different personal experiences and points of view and we are committed to providing an environment of mutual respect.