Information Security Manager

Constellium is a global leader in aluminum manufacturing with 13’000 employees in 25 locations distributed over Europe, North America and Asia. Constellium serves the aerospace, transportation, automotive and the packaging market. In doing that, Constellium heavily depends on information technology which enables business support and production processes.
The Information Security manager is responsible to manage Information Security risks and work with Information Security Risk Owners to effectively manage their risks, implement or participate in various compliance related initiatives such as GDPR, ISO 27001, SOX, TISAX, etc. As a member of a distributed and international security team, the candidate leads and participate in a variety of Information Security projects that are rolled out in Constellium.

Key Responsibilities
•    Lead information security projects 
•    Ensure compliance with information security compliance requirements
•    Centrally manage Information Security risks
•    Collaborate with Information Security Risk Owners to effectively manage their risks
•    Collaborate with information security team
•    Provide information security awareness training
•    Ensure project delivery, meet or exceed customer expectations
•    Supervise external vendors
•    Collaborate with the Infrastructure services teams
•    Establish trusted relationships, support and collaborate with local IT teams

Skills
•    Bachelor degree in Information Technology, Master degree preferred
•    5 - 10 years of experience in IT and/or Information Security
•    Ability to operate in a complex global structure 
•    Managerial experience: this profile will manage directly 2 people
•    Willingness to work in a fast changing and demanding environment
•    Experience with working in globally distributed teams to work on projects or initiatives
•    Experience with convincing colleagues from other teams, functions or business units, to understand and follow security requirements and remediate deviations thereof
•    Experience with managing Information Security risks and GRC/IRM tools
•    Ability to manage small to medium sized projects as a project manager
•    Ability to work with and supervise external vendors
•    Familiar with providing presentations, training and coaching
•    Excellent foundation for various technical Information Security topics such as system- and network security, risk management, identity and access management, cryptography, physical security
•    Familiar with security standards, frameworks and best practices such as: ISO 27001, Cobit, NIST, etc …
•    Participating in security reviews, risk assessments and IT project support
•    Good understanding of policy, standards and procedures frameworks
•    solutions (in particular Microsoft operating systems and infrastructure services, VMWare, vSAN, Veeam etc.)
•    Solid understanding for IT security including network security (firewalls, IPS, IDS, VPN, proxies), system security (hardening, malware prevention), compliance (SOX, NIST, GDPR) as well as authentication and authorization.

Additional information: international travels up to 20% of the time