Head of IT Operational Security Manager & Access Management F/M
Head of IT Operational Security Manager & Access Management F/M
Business unit
Operations, Data & IT - IT Security
Job title
Head of IT Operational Security Manager & Access Management F/M
Contract type
Permanent
Candriam is a global multi-specialist asset manager and a recognized pioneer and leader in sustainable investment.
As a Responsible Employer, Equal Employment Opportunity is crucial to Candriam. We are committed to building the best global team that represents a variety of backgrounds, perspectives, and skills. We provide an inclusive work environment and support wellbeing and work-life balance.
Mission
The IT security department at Candriam assesses the security level of the information system and implements its Information Systems Security Policy (ISSP). We implement solutions to guarantee the reachability, confidentiality, and integrity of the information system and data. Our mission includes management of operational security (governance, programs and strategy, architecture, network security, access management, cyber defense), implementation of IT security tools (choice of innovative solutions, implementation), and support of the business units in their IT projects. Innovation and agility are the signature of our department. We are looking for a highly skilled and experienced IT Operational Security Manager (OSM) to join Candriam IT security services & IAM business unit.
Respônsibilities
The OSM will be responsible for defining, implementing, and maintaining security measures to protect our information systems and data. This role requires a strategic thinker who can provide expert advice, manage security operations, and lead incident response efforts.
- Team Management: Manage an autonomous team of 6 people; ensure continuity of service and continuous improvement of products. Manage resources, capacities, budget and planning while respecting the policies and processes in place.
- Security Governance: Oversee security governance and ensure compliance with corporate policies. Define and manage the Security Assurance Plan.
- Risk Management: Identify security risks and develop mitigation strategies. Provide strategic advice and alert on security risks related to the information system.
- Access Control: Manage and control logical access to information systems, ensuring robust identity and access management practices.
- Security Monitoring and Incident Response: Conduct continuous security monitoring, manage vulnerabilities, lead the externalised Security Operations Center (SOC), oversee incident management process, communicate effectively with clients and business units regarding incidents and responses.
- Project Management: Lead and execute projects related to security incident detection and response, including SOC evolution, log centralisation, vulnerability scans, Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), and Security Information and Event Management (SIEM); participate in infrastructure security projects.
- Compliance and Audits: Support external audits, ensure compliance with security standards and regulations, promote security awareness, and conduct training sessions for staff.
Profile
Graduated from an engineering school or equivalent with at least 5 years as an OSM and at least 10 years of experience in Information Systems Security and cybersecurity.
Technical Skills
- Ability to manage priorities and risks.
- Deep understanding of information systems security concepts and best practices.
- Knowledge of network security protocols, cryptography, and identity management.
- Competence in incident response and risk analysis.
- Experience with security tools (SIEM, IDS/IPS, antivirus, vulnerability management, etc.).
- Mastery of strategic security planning.
- Knowledge of security standards and regulations.
- Proficiency in IT security technologies.
- Knowledge of CERT.
- ISO27001 Lead Implementer, ISO27005 Risk Manager certification.
Soft Skills
- Good interpersonal skills, excellent communication and writing skills.
- Rigor, synthesis skills, and ability to simplify complex concepts.
- Great adaptability and strong sense of ethics.
- Natural leadership and team spirit.
- Strong communication and project management skills.
- Ability to work under pressure and manage multiple priorities.
Job location
Europe, France (Paris).
Education
Master's Degree II / Bac+5.
Minimum level of experience required
10-15 years.
Languages
- French (C1 - Fluent)