Chief Security Compliance Officer
Courbevoie, FR, 92400
IDEMIA
We make it safer and easier for people to pay, connect, be identified, access, travel and stay safe in the physical and digital worlds.
You may not know our name, but you have surely used our innovations and solutions.
Our mission is to unlock the world and make it safer through cutting-edge identity technologies. Every day, around the globe, we are enabling citizens and consumers alike to perform their daily critical activities (such as pay, connect and travel), in the physical as well as digital space. We are transforming their lives by making the world more secure and yet also more streamlined.
We have brought together complementary know-how and technologies that have never been combined before for both the physical and digital era: secured connectivity, secured payments and secured identity management. Cybersecurity, biometrics, large scale distributed systems and Cloud computing, analytics and smart devices are at the core of both our physical products and our software and systems.
We serve our clients in 180 countries thanks to our 15,000 employees worldwide.
Purpose
The IST Chief Security Compliance Officer is in charge of globally managing security compliance for all our solutions & services; this includes defining & executing strategy, anticipating evolutions of existing compliance frameworks as well as upcoming new regulations, and deploying permanent control to efficiently monitor our compliance level.
He / she is also in charge of establishing the Product Security Incident Response activity (covering both vulnerability & incident management) for the whole division, in coordination with all business & engineering teams.
He / she organizes the activity & priorities of the team (3 experts), with the right balance between supporting business / meeting customers' needs, and progressively improving our internal frameworks & policies.
Position reports directly to IDEMIA Secure Transactions - Global Chief Security Officer.
Key Missions
Main Missions :
Compliance & Security Audits
o To contribute to IST global security strategy for security compliance activities
o To identify & anticipate evolutions of applicable compliance frameworks, to assess impact of these evolutions on our business activities, and coordinate implementation of the actions with the teams
o To support our business teams during compliance & customer audits to ensure they are properly prepared
o To provide security expertise during the audits & follow up execution of the mitigation plans post audit
o To provide expertise and guidance on security compliance topics (both for new & existing solutions)
Product Security Incident Response (PSIRT)
o To define & deploy product vulnerability management & security incident management framework (policies, procedures, processes …) across the division, in coordination with IST security community, and business & engineering teams (scope : products & solutions)
o To coordinate & support product & commercial teams with regard to incident response activities, and monitor status through KPIs
Other missions
o To contribute to the definition of, and implement, the security strategy & roadmap of the department, and report progress and challenges
o To perform security assessments & waivers where relevant
o To coordinate cross-IST security projects (e.g. CPS, key management solution)
Profile & Other Information
Technical skills :
o Experience in security governance (policies, committees, risk management, audits …); personal certification (ex: ISO27001 lead auditor or CISSP) is a plus
o Knowledge of Cryptographic Algorithms and Certification Schemes, Experience in Key Management (HSM, key ceremonies …)
o Strong experience in compliance frameworks; knowledge of applicable standards (PCI CPP, PCI DSS, GSMA) is a plus
o Demonstrated experience in Project Management, involving many different stakeholders
o Previous experience in payment and telecom related projects with banks and mobile operators is considered a plus
Soft skills :
o Ability to interact with different types of stakeholders (C-level, legal, engineering teams …)
o Ability to report activities at the appropriate level for business/security committees
o Excellent problem-solving and analytical skills.
o High level of autonomy & adaptability
o Strong leadership & communication skills.
o Fluent English (written & spoken).
By choosing to work at IDEMIA, you can join the journey of a unique tech company. You can seize all the opportunities of our fast-paced environment. You can add your distinctive qualities to our global community. You can contribute to a safer world.
We deliver cutting-edge, future-proof innovation that reaches the highest technological standards. We’re well established, and yet still agile. We aren’t too big, and we aren’t too small. And we’re transforming, fast, to stay a leader in a world that’s changing fast, too.
At IDEMIA, people can develop their expertise and feel a sense of ownership and empowerment, in a global environment, as part of a company with the ambition and the ability to change the world.
Our teams are close and collaborative; maintaining a dialogue and developing human connections matter to us. We are truly international and we know that diversity is a key driver of innovation and performance. We welcome people from all walks of life, regardless of how they look, where they come from, who they love, or what they think.
Each of our locations has its own advantages to offer a collaborative and friendly work environment.
IDEMIA. Expect the unexpected. Join the journey of a unique tech company.