Job Description
Conducting security risk analyses on IT projects and initiatives, ensuring compliance with policies, internal standards, and reference frameworks (ISO 27001, NIST, DORA, GDPR).
Participating in the planning and design phases of solutions, assessing security impacts and proposing mitigating controls. Direct involvement with project, architecture, development, infrastructure and business representative teams to gather the information necessary for risk assessment.
Validation of security requirements in procurement and onboarding of third parties.
Conducting phishing simulations and awareness campaigns.
Responding to audit requests (internal, external, supervisors) with evidence, justifications and documentation of controls applied.
Technical implementation of security controls.
Identification, monitoring and validation of vulnerability remediation actions, in coordination with other teams.
Cybersecurity maintenan...