Cyber Security Chapter Lead

Hybrid, 2 days office

Main scope of the role

The candidate will be part of the CRC department (Cybersecurity Risk & Compliannce), the main role of which is to ensure cybersecurity missions and internal & compliances missions for the TGITS activity perimeters.
In a digital/cloud environment, the Cyber Security Chapter Lead's role is to supervize the application of cybersecuirty policy and supervize cyberscurity's products in relationship with different squads, with the support of experts and control processes.

Responsabilities & tasks (additional information)

In the context of different squads woorking in product mode, the Cyber Security Chapter Lead has the following missions:

- Strategic Planning: he/she will contribute to the development of the squads' cybersecurity strategy, identifying risks and proposing solutions to mitigate them.
- Regulatory Compliance: he/she will ensure that the squads comply with cybersecurity regulations and standards, which may require regular audits and reporting.
- Threat Monitoring and Detection: he/she will participate in the implementation of monitoring tools to detect suspicious activities and respond promptly to security incidents.
- Incident Management: In the event of a security incident, he/she will coordinate emergency responses, investigate the incident, and implement corrective measures.
- Security Awareness: he/she will promote cybersecurity awareness among squads and provide training to reduce risks associated with squads' activities.
- Technology Assessment: he/she will regularly evaluate new cybersecurity technologies

- Ensure the squads have the most effective tools for protection.

- Ensure that training content is aligned, and the tools and processes are in place

Internal stakeholders

• TE Digital Factory squads
• Cybersecurity teams (first and second line of defense / CISO Company)
• TGITS internal digital teams
• TE branches

Contracts (outsourcing and services) / external ressources management

• TCS (Tata Consulting in India), HCL ,CAPGEMINI, CGI, ACCENTURE

Upcoming projects - Integration of cyber in CI/CD chains

On call duty -Yes

Candidate's profile

• At least 5 years of experience in cybersecurity

Educational Background: Masters degree (engineering, business or university)

Relevant Experience & projects

- IT Experience
- Cloud and cyber in the Cloud

Technical skills - tools & technologies

• Strong knowledge of DevSecOps;
• Cloud Security (AWS, Azure);
• Agile method and Product mode;
• CI/CD
• Checkmarks, Wiz, Dependabot, Gitguardian
• Knowing how to automate development, testing and deployment processes to speed up software delivery while ensuring security
• Knowledge of cybersecurity regulations that may apply to you industry and the ability to ensure compliance

Core softskills

1. Having a DevSecCops culture (promoting a culture of security throughout the organization)
2. Having a strong understanding of information security principles, potential threats and security best practices
3. Working in a transversal environment: good relationship with product owners from business

Language skills

EN mandatory - FR (be able to understand)