Key accountabilities
Assisting with the implementation and maintenance of the Information Security Programme;
Assisting with efforts to align internal security practices with industry best practices and security frameworks commensurate with strategy and the expectations of our clients and regulators;
Stay abreast of the threat landscape specific to Euronext and adjust/draft solutions designs according to developments in this space;
Timely and accurate reporting of the current state of all assigned projects/initiatives;
Keeping track of policy and standards exceptions and the risks aligned to them;
Keep abreast of new risks and trends in the threat landscape that may need to be addressed within information security policies, procedures and standards;
Exhibit a broad knowledge of security compliance and auditing frameworks and apply those to formulate policies, procedures and standards;
The delivery of ongoing security awareness and training through various tools and workshops;
Ownership and oversight of all controls owned by InfoSec, including the approval point for all change efforts, etc., that might impact any such controls.
Required Skills
5+ years' experience in a specific Information security role (e.g. related ISO 27001 consultant/projects);
Experience within the financial sector will be a considerable benefit;
Past/proven experience working in a team;
Established background in Information Security Risks processes and in IT/Information Security Audit;
Strong background and knowledge of working with and implementing international security standards and frameworks, such as ISO27001, ISO27002, ISO27005, NIST, Cobit 5, etc.;
Ability to deliver security education and awareness training sessions and material;
Excellent written/verbal communication skills and organizational skills;
Must be able to work well under pressure, prioritize workload appropriately and work well alone or as part of a team;
Ability to adjust to changing priorities while multitasking effectively and to articulate complex security and privacy concepts to business users;
Ability to communicate with clients in a professional manner;
Working/technical knowledge of IT infrastructure and security specific controls;
Security industry certifications are considered a plus, e.g. CISA, CISM, CRISC, CGEIT, Cobit 5, ISO 27001 or other security/ISO related certifications.
#J-18808-Ljbffr