Cybersecurity Risk Consultant Toulouse

mai 2021 par Elite Cyber Group

EliteCyber ​​represents one of its clients, a major player in the French cybersecurity landscape (but also beyond our borders), you will not be bored!



A reputation already well established on their positioning as Cyber ​​expert, however, they never rest on their laurels and continue to breathe new life into their offer thanks to partnerships, investments and R&D which propel them ever further.



Aware that the cybersecurity market is evolving at lightning speed, they know how to remain humble, take a step back, question themselves and adapt to new developments.



Why this job is key for cybersecurity ?





The risk management is part of the cybersecurity backbone. According to our customer maturity, they have different capabilities to manage risk assessment. From a manual hadhoc methodology to an industrialized and integrated continuous process.



The digital transformation is generating amazing amount of information allowing to contribute to the cyber risk identification.





What is the work environment ?





As member of the GRC (Gouvernance Risk and Compliance ) team you will be part of the Cybersecurity Center Team. Your mission will allow you working in various customer contexts (Banking, Aeronautic, Energy ...).



The Cybersecurity Center is a 360° of all Cybersecurity skills (Governance, Risk, Audit, Compliance, Design, Data Science, Architecture, Integration, Operations).



They cover all kinds of digital technologies (Microsoft, Linux, Clouds AWS Azure Google, Java Python .Net, TCP/IP SSL SSH S-MIME, Ansible Terraform, Spark Hadoop Splunk ELK, Docker VMWare OpenStack, Machine Learning, GIT ....).



With around 200 people experts in several Cybersecurity domains for around 20 customers the Cybersecurity is one of the biggest in Europe. Within a large panel of sectors Aerospace, Banking, Energy, Manufacturing, ... you will have the chance to move across cybersecurity domains for several kind of customers.





What are the activities ?





- Support customers into their risk analysis transformation.

- Build risk methodologies, metrics (DICT, impact, vulnerability, risk, potentiality ... scales), risk treatment and management processes.

- Be part of the e-GRC tools selection and implementation

- Reference all customers risk management inputs and stakeholders

- Define strategy roadmap and present the vision in management meetings

- Realisation of IT risk analysis for customers (Aeronautics, Banking, Energy ...)

- Help and support for junior analysts

- Support for drafting commercial proposals

- Scoping of customer requests





What are the evolutions & trainings ?





There is mobility across activities in the cybercenter but also different level of expertise and service leading. You can move across cybercenters in U.K. or Singapore or Germany. They define training plan including following training





Profile



- You have 5+ years experience in risk analysis activities on different types of systems in different contexts / environments



- You already managed a risk program and have capabilities to improve the way of working



- Master Degree in Computer Sciences









Skills Expected:



- ISO27005 certification

- EBIOS, OCTAVE, CRAMM or MEHARI risk methodology

- CARTA or MITRE framework



Basic knowledge of IS:



- Network : Layer 2; 3; 4 of the OSI Model (Ethernet / WIFI / IP / TCP / UPD / etc.); SAN / NAS



- System / WEB knowledge: OS WINDOWS / UNIX; LDAP / AD / NIS; multi-tier IT architecture; ROA; REST / SOAP / HTTP / FTP;



- Network Security Knowledge : VLAN; VPN; ACL; Firewalling; IPSEC; NAC; SSL / TLS;



- Security WEB and System Knowledge: RADIUS; KERBEROS; PKI; SE-LINUX; OAuth; SAML; SSO; FSO; SaaS / PaaS / IaaS; MFA; Etc.



- Organisational Security: ISO27001; Risk Management; IAM process;





Bonus :



- Mainframe Knowledge and Mainframe security



- PCI-DSS knowledge; LPM; GDPR



- PIA analysis (Privacy)



- Experience in a banking IS



- Risk analysis on industrial IS



- Programming basis



- CISSP or CISM certification







Salaire : 55k€-70k€

Date annonce : 29/05/2021

Date de debut : 29/05/2021

