Security Analyst with French

BE | Shaping the Future Romania has a proven position of being a reliable partner for financial services organizations to analyze complex requirements, find solutions and implement them in their entirety, regardless of their complexity. Since the foundation in 2015, we have been continually expanding and customizing our spectrum of services. Today, we are privileged to have in our team the best individuals in each sector we operate within the financial services industry.Looking for a French-speaking Security Risk Analyst who will be part of the team responsible for the security governance of the French entity of The Client and its international subsidiaries (7 subsidiaries, including 6 English-speaking and 1 French-speaking), whose activity concerns the fields of insurance (property and personal insurance).RESPONSABILITIESThe mission mainly consists of contributing to:Analyze and validate security exceptions requests such as route openings, non-standard software installations, etcAccompany the IT teams in the implementation of Group security standards for their new/existing applications/infrastructureMonitor the security level of the assetsFollow-up on audit results of applications, third parties (partners, delegated entities, suppliers, etc.) and physical sites, carried out by another department or by the department itself, relating to the integration of vulnerabilities identified in risk analyses and the monitoring of associated remediation action plansSecurity support for business projects using risk analysis by identifying business issues, security requirements, associated action plans, and assessing intrinsic and residual risks for internal and third-party projectsAnd to a lesser extent:Managing IT operational risks (IT risks):o Maintaining and updating the entity's referentialo Development and maintenance of dashboards to monitor the progress of initiatives.What you will do:Security files (and intermediate deliverables such as safety classification, expression of project safety needs, residual risk assessment for business managers)Security risk analysis and if required, risk acceptance formsReporting elements, dashboards of security and risk indicatorsManagerial presentations (for IT and business) on the projectsProfileAdvanced knowledge of risk analysis methodologies and security key topics (classification, AICT assessment, intrinsic/residual risks, risk scenarios)Knowledge of standards (ISO 2700x, ITIL, COBIT, etc.) and security governance principles.Knowledge of security best practices in the field of IT systems management (authorizations, data anonymization, incident management, authentication, backup, archiving, security patch management, antiviral updates, network partitioning, NAC, wifi, etc)Knowledge of security tool administration principles: firewalls, proxies, SIEM, DLP, IDS, IPS, vulnerability scanners like Qualys, IAM systemsTo a lesser extent:Knowledge/experience in security architecture areasSecurity monitoring / understanding and knowledge of the main security threats (virals, cybercrime, APT) and their distribution methods.Possibly, experience of IT security audit missionsSecurity certifications (CISSP, ISO 27001, ISO 27005, NIST etc.)Other skills:French (oral and written proficiency)English (oral and written proficiency)Knowledge of Excel and Powerpoint tools