Chief Information Security Officer
Lynxeo
Courbevoie, 92400
Company Context
LYNXEO, a leading player in the industrial cable manufacturing sector, is undertaking an ambitious transformation plan to strengthen its market position, optimize operational performance, and accelerate value creation.
To drive this transformation, LYNXEO is seeking to create its own policies and action plans to
maintain and improve the protection level of its Information System and its Industrial environment
against cyberattacks like malware, intrusion from hackers, and fraud attempts. Our futur Chief Information Security Officer is part of the IS Department with the objective to manage
CyberSecurity risks within Lynxeo.
Areas of responsibility
In this context, the missions of the Chief Information Security Officer are:
- Raising awareness and providing training on security issues by informing operational and business unit management and raises awareness and promoting the IT security charter to all users.
- SOC Management :
- Develop strategy for all activities of the SOC services, from the Threat Intelligence, the security monitoring, the vulnerability management, and the crisis support
- Manage outsourced and in-house SOC services for detection quality continuous improvement and SLA performance
- Define the SOC evolution phases, as a service offer, and as integration within Lynxeo landscape
- Define and update incident & vulnerability management policy, processes and tools
- Integration of new sources and detection rules within the SOC
- Validation of incident response process from the SOC detections with our IT support levels and IT teams
- Manage the security operation activities, including service outsourced
- Lead SOC run operations and liaise with IT & business
- May propose a Security Assurance Plan to describe the security arrangements for a service which may be annexed to a contract.
- Assesses resources and makes recommendations :
- Defines security norms and standards.
- Defines and coordinates continuous improvement projects on security processes and tools.
- Ensures that security is including in the project definitions within their scope. May lead the corresponding bodies.
- Anticipates and proposes changes within their area of responsibility and capitalises on all
- feedback (including security incidents, etc.).
- Intelligence : Follows up on regulatory and technical developments in their field & looks out for any changes needed to ensure the IS software and hardware remains secure.
- Risk analysis : Assesses risks, threats and consequences & establishes the prevention plan & takes technical and/or organizational measures to monitor and assess security and react to attacks.
- Resilience : Takes immediate protective measures in the event of an incident & Prepares and implements an IT continuity and an IT recovery plan.
- Remediation : Carries out the necessary analyses to understand a problem & Implements the necessary measures to solve a problem.
Required skills and qualifications
- Master’s Degree in major business school or engineering school or top-class University
- Proficient in Incident Management and Response
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors and risk management
- A plus would be certifications related to CyberSecurity or Information Security (ISO 2700x/27032, CISSP, CISM, or equivalent)
- Knowledge of Network design
- SOC organization and operations experience
- Knowledge of ITIL disciplines
- Excellent analytical and problem-solving skills
- Fluent English