Information Security Officer (UK, US or France)

Company Description

CGG (www.cgg.com) is a global geoscience technology leader. Employing around 3,700 people worldwide, CGG provides a comprehensive range of data, products, services and solutions that support our clients to achieve their business and transition goals. We combine human ingenuity and new technology to understand and solve the world’s natural resource, environmental and infrastructure challenges. Our unique perspective uncovers new ways for our clients to be more efficient and responsible, for a more sustainable future.

Job Description

This role has a flexible location. You can either be based in the UK, the US or France.

CGG is seeking an Information Security Officer to join its Information Security team reporting to the Chief Information Security Officer. The team has a global remit with a focus on risk management, and the responsibility of providing assurance to our executive leadership, board, customers and other stakeholders that we are ‘secure enough’.

The successful candidate will join the team to strengthen our Information Security posture by providing governance, risk management, compliance and auditing capabilities.

This role would suit someone with an information security background looking to develop their career in a global technology company or with experience of governance, risk and compliance wanting to move into information security.

Principal Accountabilities

• Participate in the management and evolution of the Information Security framework
• Develop policies and processes that match InfoSec objectives
• Provide coordination and guidance to the InfoSec regional community (RISOs)
• Oversee the Group’s Information Security compliance against external and internal Information Security requirements, ensuring gaps are communicated.
• Manage and deliver general InfoSec training and targeted specific topic training offerings
• Maintain our Incident Response Plan and run regular table-top exercises with stakeholders to test and improve the plan
• Participate in cyber security risk analyses of business lines
• Maintain the Information Security Incident Response Plan (InfoSec IRP) including the development of relevant run books
• Advise IT groups on InfoSec best practices and process implementations
• Liaise with the relevant stakeholders on information security aspects of projects
• Participate in the investigation and analysis of Information Security incidents
• Participate in Information Security internal and external audits

Qualifications

• High level knowledge of IT ‘building blocks’ and how they relate to information security
• Knowledge of Information Security frameworks (ideally NIST) and their application
• Experience in the creation and maintenance of policies and associated documentation
• Experience of developing and delivering training and e-learning
• Good understanding of the principles of information security (CIA, Critical Assets, threats, vulnerabilities, exposure, risk, controls etc.)
• Experience of the vulnerability management process and analysis, interpretation, and prioritization of the results

Additional Information

Learning and Development

Our culture of learning and complementary approach to supported or self-guided career development, enables the design of tailored courses to suit specific needs of each individual to aid personal growth in areas related to technical, commercial and personal skills, via an extensive suite of CGG developed courses, managed through our own CGG Learning hub.

We have great Benefits

As well as a competitive salary and bonus scheme, CGG has flexible holiday allowance, pension scheme, private healthcare & dental and financial wellbeing assistance, among many other local discounts and incentives. 

Join us and share your talent and imagination to ‘see things differently’!

We see things differently. Diversity fuels our innovation, we value the unique ways in which we differ, and we are committed to equal employment opportunities for all professionals.