Experience level: 5-8 years

Availability: ASAP

Contract type: permanent contract (CDI)

Company overview:

Founded in December 2011, KLANIK has built its success on its Consultant Centric approach,
which has been recognized with numerous awards and defines us as a great place to work.
This model takes shape through unique personal and professional development programs:

  • Act’In Klanik: a catalogue of roles and responsibilities within the company
  • Knowledge Center: in-house training university
  • Korner: start-up incubator

Today KLANIK is strengthening its technology positioning around 4 areas of expertise:

  • Software
  • DevOps & Cloud
  • Big Data & AI
  • Cybersecurity

These areas are organized into communities of practice, in which our employees
benefit from both a strengthened career path and a collective intelligence to which they
actively contribute.

As a consulting firm with a global positioning and targeted expertise, we
work on large-scale projects supporting the digital transformation of major
national and international players.

Joining KLANIK means taking part in a shared project with more than 300 atypical personalities
around the values of Sharing, Kindness and High Standards.

We are currently recruiting 200 talented people to work with our teams. Find us in France
in Marseille, Montpellier, Sophia-Antipolis, Paris, Lyon and Lille, as well as in Brussels, Monaco,
Montreal and Houston.

Job description:

The Governance, Risk and Compliance team supports IT and Business Units in developing adequate solutions for operational risk management practices, focusing on, but not restricted to, Information Security.

Their main missions are:
– Identify operational information risks on assets/applications, projects and third parties.
– Advise, consult, monitor and report on risk treatment in order to reduce the overall risk exposure of IT and Business at an optimized cost.
– Elaborate and manage the implementation of a flexible strategy to reduce Information Security risks in accordance with the Information Security policies of the client.

Profile:

– You execute security risk assessments in IT and business, scoping projects or legacy assets (applications, business solutions, third-party organizations, processes…). You maintain identified risks in the risk registry database.
– You set up processes and procedures for end-to-end security management of assets and third parties.
– You perform security risk quality assurance from creation to closure.
– You deliver consulting on risk management to internal customers (IT and Business):
  • Proposition or validation of measures to mitigate risks.
  • Creation of detailed or synthetic risk reports, structured and formulated in line with the client and Information Security Risk Management best practices.
  • Support in increasing risk control maturity by providing valuable follow-up and reporting.
– You report risks and overall risk posture to Information Security, IT or Business Management:
  • Correlate risks across a portfolio of projects or activities; identify and propose transversal risk-mitigating actions.
  • Create risk dashboards and reports for a management audience, in line with the defined risk appetite for the company.
  • Create one-pagers and synthetic risk reports for a management audience.
– You manage the customer relationship and are the Single Point Of Contact for the risk management services you deliver. You customize services to meet customer needs or expectations while ensuring compliance with risk management methodologies and guidelines.
– You contribute to the definition and improvement of risk management methods and tools supporting those activities (risk identification guide, risk evaluation matrix, industrialization of the risk monitoring and reporting framework and deliverables), taking into account your field experience as well as best practices coming from the client or other sources like regulators, Basel II, COBIT, ISO 27000/31000…
– You contribute to writing procedures and processes supporting the risk management activities outlined above, for both expert and non-expert audiences. Experience in linking different ISMS processes is a must.
– You are the single point of contact for security matters related to the CIAT of our assets: business support, maintenance of procedures and tooling, regular reporting, integration of security asset management into the overall asset management processes of the bank.

Job reference: cyber_security_risk_management_CCA_0011