Senior Analyst, Information Security Management

ROLE DESCRIPTION:

We are looking for a Senior Analyst, Information Security Management to join the ISM team in our Bucharest location!

In this role, you will contribute to the development and continuous improvement of the SES information security management and policy framework and manages information security projects as laid down in the SES information security roadmap.

You will also manage information security risks, as well as design and implement information security concepts to adequately safeguard information assets of SES, its affiliates and commercial platforms. You will get to also provide Information and Cyber Security related project support and internal consultancy within the organization as well as for customer related projects.

You will be responsible for (this is not an exhaustive list):

• Coordinate the development and continuous improvement of the SES information security management system in accordance with industry standards and best practices


• Identify, assess and manage information security risks


• Manage compliance to the information security policy framework


• Liaise with relevant stakeholders across the organisation to develop and promote information security policies, standards, processes and procedures 


• Support the definition and implementation of SES’s information security strategy and framework
  
  
  
  • by assessing information security risks and
  
  
  • specifying and implementing information security controls to mitigate key risks.
  
  
  
  


• Manage assigned information security projects and budgets as laid down in SES’s information security strategy and deliver them within time, cost and scope.


• Design, implement and document information security concepts and information security controls, including coordination of various business stakeholders and engineering groups.


• Perform information security audits and vulnerability assessments and support the management of vulnerabilities


• Support the detection and analysis of information security incidents and manage adequate responses to information security incidents


• Support the development and maintenance of SES’s information security awareness program and delivery of awareness sessions


• Provide clear, concise, timely and constructive recommendations regarding information security in all areas related to information systems, networks and applications


• Travel as required

YOUR PROFILE

1. Must have 

• Degree in Computer Science and minimum of 6 years of industry related experience


• NATO nationality is a must, EU Nationality is a plus. Must be willing to undergo Personal Security Clearance process, if required.


• Strong knowledge of Information Security Standards and good practices, including ISO 27000 series, NIST SP-800 series (e.g., NIST800-53), etc.


• Strong, hands-on knowledge of and experience with implementing and maintaining Information Security Management Systems in accordance with ISO 27001 and best practices


• Strong, hands-on knowledge of and experience with securing cloud environments


• Information Security Risk Management frameworks and methodologies


• Network security, system security, application security and security design


• Cyber Security threats, vulnerabilities, security technologies and controls


• Data Protection and Data Privacy


• Vulnerability, compliance and patch management for complex networks, systems and applications

2.    Nice to Have

• Relevant certifications (e.g., ISO 27001 Lead Implementer, ISO 27005 Certified Risk Manager, CISM, CISA, CISSP) and knowledge of the satellite industry are a plus


• Consulting experience would be a plus

WHAT'S IN IT FOR YOU

• Flexible working policy


• Bonus plans


• Comprehensive and competitive benefits plan


• A range of wellness activities and employee assistance programs