- Company Name: IS@TALENT
- Job Title: Information Systems Security Manager (F/M)
- Job Description
**Job Title**
Information Systems Security Manager (F/M)
**Role Summary**
Lead and execute the information security strategy within a 50‑person IT department, acting as both strategist and operational lead. Drive security governance, risk management, and security integration across technical, development, and business teams while fostering a culture of security awareness.
**Expectations**
- Develop and maintain a realistic, prioritized security roadmap.
- Ensure practical application of security policies across IT, development, and business units.
- Lead key security projects (IAM, MFA, access management, application and infrastructure hardening).
- Embed security by design into the application development lifecycle.
- Support business resilience through disaster recovery and business continuity (PRA/PCA) initiatives.
- Influence and motivate teams where security is not a default priority.
- Provide continuous, clear reporting to the IT Director and executive management.
- Maintain up‑to‑date knowledge of technology, regulations, and emerging risks.
**Key Responsibilities**
- Map cyber risks (customer data, fraud, business continuity).
- Update and enforce the Information Security Policy.
- Pilot security projects: IAM, MFA, privileged access, application hardening, firewall, EDR.
- Partner with development teams to evolve practices, tools, and methods.
- Contribute to business resilience (PRA/PCA).
- Educate, persuade, and secure buy‑in from technical and non‑technical stakeholders.
- Challenge technical and organizational decisions from a risk perspective.
- Monitor regulatory, technological, and threat developments.
- Deliver concise, data‑driven reports to IT leadership and the board.
**Required Skills**
- Strong technical expertise in infrastructure security, application environments, IAM, firewalls, EDR, security audits, and PRA/PCA.
- Proven ability to influence change, especially with development teams.
- Structured, pragmatic approach to prioritization and risk assessment.
- Leadership by influence (no direct reports).
- Excellent communication, negotiation, and teaching skills.
- High level of discretion and meticulousness.
- Fluency in English (required).
- Experience in an international setting; exposure to regulated/high‑security sectors (finance, luxury, retail) is an asset.
**Required Education & Certifications**
- Engineering degree or equivalent (Bac+5).
- Significant experience as an Information Security Officer (RSSI) or equivalent role.
- Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer, or equivalent) preferred.