Head of ITD SRC, France & Middle Office

Reporting to: Group SVP Head of IT Security, Risk and Compliance

Job Location: France

Format: Hybrid

Mission

• Preserve the confidentiality, integrity, and availability of information assets across France and Middle Office organizations.
• Develop and regularly enhance an effective Information Security Management System in alignment with Group IT Security Strategy, Policies, and Standards throughout France and the Middle Office organization.
• Facilitate the adoption of the Global IT SRC Strategy and Objectives within France and the Middle Office.
• Manage operational, legal, regulatory, and information security risks for France and the Middle Office through robust Governance Risk Management frameworks.
• Advocate Adecco’s IT Policy framework standards and foster an Information Security-oriented culture among all business and IT users within French and Middle Office organizations.
• Monitor and oversee security incidents, conduct thorough investigations, and implement corrective measures to mitigate future risks.

What you’ll be doing

• Support the Global Head of Information Security, Risk and Compliance in the implementation of the Group IT Security, Risk and Compliance Strategy across France and Middle Office organisations, assist in deploying the Global IT SRC Strategy and Programmes by communicating their objectives and benefits to local IT and business leaders, and help prioritise related activities in these regions.
• Represent Group IT Security, Risk and Compliance as a member of the Adecco Group France ITD Leadership team
• Communicate and publicise the Adecco Group IT Policy & Control framework and ensure risk assessments exercises are carried out timely and in line with the established procedures
• Liaise with other Assurance functions (Internal and External Auditor), coordinate security audits and ensure that remediation plans are defined and implemented in line with agreed dates.
• Assess current levels of risks within the France and Middle-Office organizations and their technology and information assets on an on-going basis. Ensure all the Identified IT and Information security risks are managed through their life-cycle and provide visibility to Group, France and Middle-Office Management with clear and concise reporting to support decision making.
• Ensure that information security, privacy and regulatory requirements are embedded early and followed through the projects lifecycle and that project teams deploy products /systems / applications in line with the IT Security Controls Framework
• Provide concise, relevant and informative reports to the Global Head of Information Security, Risk & Compliance and Main Stakeholders on the status of security and risks within the Digital Products and Ventures environment
• Monitor & manage all security incidents & breaches and take remedial actions to prevent recurrence wherever possible
• Lead investigations in coordination with the GSOC (Global Security Operations Centre) in the respective functional area for breach of Information Security Policies and standards or security compromise.
• Lead a team of recognized experts in the field of Information Security and Risk Management within France and the Middle Office organizations and keep abreast of local regulations and requirements related to information security, AI, Privacy and Tech regulations
• Ensures Group Information Security Culture and Awareness Initiatives and end users training are deployed in line with Group IT SRC Strategy and Objectives

Professional & Leadership experience

• 10+ years of experience in the field of Information Security
• 5 years of experience in a similar position within a Global Organization
• Professional experience in running the information security office analysing and applying information security, risk management, and privacy practices
• Demonstrable knowledge in key IT Security and Risk Management framework (such as COBIT, NIST, SOC 2, ISO 27001)
• Demonstrated experience and exposure in the international security arena dealing with security-related issues
• Experience with implementation and maintenance of the ISO/IEC 27001 standard
• Big 4 or HR industry background is desirable.

Personal attributes

• Strong team player, excellent collaboration skills
• Ability to build pro-active, co-operative working relationships with customers, peers and key stakeholders based on respect and team work
• Ability to communicate effectively complex and technical concepts to business leaders
• Good ability to convince and influence stakeholders from all backgrounds.
• Experience with and sensitivity for different cultures
• Ability to act under strong pressure and to manage efficiently crisis situations
• Good in leadership, inspiring, encouraging and providing constructive criticism to help improve performance of colleagues
• Able to evaluate information, identify key issues and formulate conclusions based on sound, practical judgment, experience and common sense
• Willingness and ability to travel

Education and certifications/training

• University degree preferably in a technical subject or any comparable education
• CISSP, CISA, CISM, CRISC or similar certification preferred
• Professional experience in running the information security office analysing and applying information security, risk management, and privacy practices

Language requirements

• Good to excellent command of French and English
• Any additional language is a plus