EMPREGO

Senior Information Security Compliance Officer

Orange-مصر, Egito

votre rôle:

  • Monitor compliance with the security standard and policies and, if needed, set up an improvement plan.
  • Risk assessment and implementation of adequate risk management and continuity assurance practices
  • Interaction with the Customer Security Officer - Day to day support: technical advices, workshops, participation to Change Advisory Boards etc
  • Management of relationships with security partners (internal to Orange and Customer)
  • Monitoring of security services performance
  • Provision of security compliance reporting
  • Ensuring that all the Blueprints, detailed design solutions and implementation plans are compliant with Customer Policies
  • Communicating to the OBS account team the current policies and their evolution,
  • Collection and analysis of the information ( CERT,) on potential IT Risks and threats which can impact Customer Business activities
  • Recommendations, alerts and leading of crisis plans
  • Collection and analysis of the information on potential risks and threats, which can impact the Services delivered by Orange
  • Act as Orange Business Services representative with respect to inquiries from the client, regarding the enterprise's security strategy.
  • Develop specific procedures for effective security for dedicated environments.
  • Develop and monitor formal procedures for reporting information security incidents and investigations within the Orange account team.
  • Arrange and provide information security education and training to Orange account team dealing with the project.
  • Contribute to the security aspects of the design of systems.
  • Assist to regular security or risk management meetings with the different security stakeholders within the client organization
  • Work in close relationship with the audit department of the client to ease the auditing of the specific services ordered. Support the client in its compliances exercises by providing information, evidences or supporting the clients during their own audits.

votre profil:

  • Knowledge of information security management
  • Audit skills: being audited and running audits.
  • Being able to run compliance exercise
  • Knowledge of applicable laws (especially the privacy laws)
  • Risk: analysis, management and mitigations
  • Good communication skills with technical and CxO profiles
  • Good knowledge of OBS processes and OBS security organization
  • Technical knowledge: Firewall, network, OS Security.Typically a focus on the technology used for the client is needed.
  • Project management (basic skill)
  • Knowledge of security and audit standards: ISAE 3402, ISO 27001, SOC 2 (As standards are evolving this must be adapted to the current requested standards)
  • Understanding and evaluation of security threats.
  • Vulnerability management.
  • Business continuity and Disaster recovery
  • Fluent in English
  • Strong and proven consulting skills.
  • Minimum 8 years related work experience in customer facing organizations within the telecom or IT industry
  • Effective Executive Management level communication
  • Outstanding verbal, written, and presentation skills with track record of effective Executive Management communication
  • Business driven and results-oriented.
  • Strong and proven leadership skills.
  • Strong team player Excellent commercial and business understanding
  • Certifications
  • Required: CISM, CRISC,
  • Advised: CISA, CISSP, Certification in Data privacy is a plus.

le plus de l'offre:
The role of the ISCO is to:

  • Protect the interests of the client relying on information, and to protect the systems and communications that deliver the information, from harm resulting from failures of availability, confidentiality, integrity, authenticity and non-repudiation
  • Improve Information Security processes
  • Act as a trusted advisor for all security concerns
  • Align security strategy with client business goals taking into consideration allocated budgets
  • set and enforce security policies and business continuity
  • Ensure the compliance with security requirements defined in the contract
  • Ensure the compliance with OBS security requirements, security standards and certifications.
  • Reduce the complexity of managing security during huge implementations/migrations
  • Provide support during compliance audits
  • Interface between the client security team and the Orange organization
  • Provide assistance in risk management Provide assistance in technical design

contrat:
CDI