Sites Cybersecurity Officer
BEKASI - BEK2
Applications have closed
Valeo
Valeo is an automotive supplier and partner to automakers worldwide. As a tech company, we design innovative solutions for smart mobility.Valeo is a tech global company, designing breakthrough solutions to reinvent the mobility. We are an automotive supplier partner to automakers and new mobility actors worldwide. Our vision? Invent a greener and more secured mobility, thanks to solutions focusing on intuitive driving and reducing CO2 emissions. We are leader on our businesses, and recognized as one of the largest global innovative companies.
Missions:
In charge of Cybersecurity of one or several Valeo sites in a Cybersecurity Region:
➔ Act as a Cybersecurity point of contact for the site(s)
➔ Coordinate the different actors of the site(s) for all Cybersecurity topics
➔ Deploy the Valeo ISSP (Information Systems Security Policy) within the sites, assess and improve their
level of Cybersecurity
➔ Control the application of the Valeo ISSP (Information Systems Security Policy) and the specific
Cybersecurity rules/exemptions of the site(s)
➔ Raise any non-compliance, abnormal Cybersecurity event, and Cybersecurity incident
➔ Manage locally the Cybersecurity events and incidents
➔ Provide the reporting of the site(s) to the Regional Cybersecurity Officer
➔ Contribute to develop the Cybersecurity mindset within the site(s)
Roles & Responsibilities:
1)Accountability
● Act as a Cybersecurity point of contact for the site(s)
○ Act as the site(s) Cybersecurity point of contact for:
■ Group Cybersecurity organization
■ Regional Cybersecurity Officers
■ Cybersecurity operations centers
■ CIRT (Cybersecurity Incident Response Team)
○ Act as the site(s) Cybersecurity point of contact for external Cybersecurity assessments (e.g.
customer mandated audits)
○ Act as the site(s) Cybersecurity point of contact for the Site BCP Manager regarding local BCP
procedures
○ Communicate within the site(s) for any topic related to Cybersecurity (awareness, rules,
process)
● Deploy the Valeo ISSP (Information Systems Security Policy) within the sites, assess and improve their
level of Cybersecurity
○ Deploy Cybersecurity Group standards, rules and best practices in the site(s)
○ Perform the Site Information Risk Assessments
○ Manage the Cybersecurity action plans at site(s) level
● Control the application of the Valeo ISSP (Information Systems Security Policy) and the specific
Cybersecurity rules/exemptions of the site(s)
○ Control that the Cybersecurity requirements are fulfilled in the DRPs (Disaster Recovery Plan) of
the site(s)
○ Control that the Cybersecurity requirements, defined in the DRPs (Disaster Recovery Plan), are
operational and well performed during each yearly DRPs (Disaster Recovery Plan) execution
Raise any non-compliance, abnormal Cybersecurity event, and Cybersecurity incident
○ Following the appropriate process, raise:
■ Non-compliance to the Regional Cybersecurity Officer
■ Abnormal Cybersecurity event to the Regional Cybersecurity Officer
■ Cybersecurity incident to the Regional Cybersecurity Officer and CIRT
● Manage locally the Cybersecurity events and incidents
○ Monitor and manage the alerts published by the Cybersecurity operations center (viruses,
patches, etc.) in the site(s)
○ Monitor the Cybersecurity events
○ Record, report and manage the Cybersecurity incidents related to site(s) in coordination with the
Regional Cybersecurity Officer (and CIRT if needed)
○ Deploy remediation plans defined in coordination with the CIRT and/or the Cybersecurity
operations center
● Provide the reporting of the site(s) to the Regional Cybersecurity Officer
○ Report action plans progress, exceptional requests, troubles
○ Manage and provide the Cybersecurity KPIs of the site(s)
2) Responsibility
● Act as a Cybersecurity point of contact for the site(s)
○ Apply Cybersecurity requirements following Regional Cybersecurity Officer’s request
● Control the application of the Valeo ISSP (Information Systems Security Policy) and the specific
Cybersecurity rules/exemptions of the site(s)
○ Realize the Site Information Compliance Assessment and update it when requested and/or
following a major change in the site(s). Alert Regional Cybersecurity Officer in case of major
deviation
○ Control that the Group Cybersecurity standards, rules and best practices are respected
○ Act as internal Cybersecurity risk auditor for the other sites of the ‘Region’ (upon request of the
Regional Cybersecurity Officer)
● Manage locally the Cybersecurity events and incidents
○ Suggest capitalization in perimeter following Cybersecurity events and incidents
● Provide the reporting of the site(s) to the Regional Cybersecurity Officer
○ Participate to the Regional Cybersecurity Officer’s Cybersecurity meetings
○ Propose improvements of Group standards to Regional Cybersecurity Officer
Other
○ Upon request, act as Regional Cybersecurity Officer delegate to perform some specific missions
3) Contribution
● Coordinate the different actors of the site(s) for all Cybersecurity topics
○ Contribute to Group Cybersecurity programs
● Deploy the Valeo ISSP (Information Systems Security Policy) within the sites, assess and improve their
level of Cybersecurity
○ Perform or control, upon Regional Cybersecurity Officer delegation, risk assessments for, but not
limited to, local projects or other sites
● Contribute to develop the Cybersecurity mindset within the site(s)
○ Assist and advise IS/IT people on Cybersecurity matters
○ Translate the Cybersecurity communications, eLearning, TIPs, etc. when requested by the
Regional Cybersecurity Officer
Qualifications:
● Bachelor’s degree or Master’s degree in Computer Science and/or Cybersecurity
● Certification(s) in some Cybersecurity standards/technical domains
● >3 years of relevant experience in Cybersecurity
● Knowledge and experience linked to Cybersecurity standards (ISO 2700x, NIST, NIS, etc.)
● Knowledge and experience in technical topics such as malware, patch management, firewalling
● Other infrastructure / network / system / database / application experience
● Fluent in English
Job:
Cybersecurity OfficerOrganization:
IS SSCSchedule:
Full timeEmployee Status:
RegularJob Type:
Permanent contractJob Posting Date:
2023-02-02Join Us !
Being part of our team, you will join:
- one of the largest global innovative companies, with more than 20,000 engineers working in Research & Development
- a multi-cultural environment that values diversity and international collaboration
- more than 100,000 colleagues in 31 countries... which make a lot of opportunity for career growth
- a business highly committed to limiting the environmental impact if its activities and ranked by Corporate Knights as the number one company in the automotive sector in terms of sustainable development
More information on Valeo: https://www.valeo.com
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Compliance Computer Science Incident response KPIs Malware NIST Risk assessment
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open PowerShell-related jobs
- Open SQL-related jobs