Home
Jobs
KICKLOX
Specialiste gouvernance sécurité Freelance H/F

Specialiste gouvernance sécurité Freelance H/F

Hybrid

Paris, France

Freelance

27-02-2025

Share this job:

Score my CV Apply

Job Specifications

L'offre

Projet

SECURITY GOVERNANCE POLICY SPECIALIST

Secteurs

Défense & Sécurité, Télécommunications, Services & Systèmes d'Informations

Description De L'offre

We need to strenghten and improve its security process and procedure regarding its human and physical security governance. We search for a policy and procedure specialist to assess, define and write security documents (process, procedure, contracts security appendix, terms and conditions). The role reports to the chief security officer of the company.

We Are a Leading Company In Information And Cloud Technology. We Search For a Security Governance Policy Specialist To Write And Process The Validation Of Security Documents

Security process and procedures regarding human and physical security risk
Contracts confidentiality requirements, appendix, terms and conditions for providers

Missions à réaliser

Produce the templates and security risk assessement :
Role Based Security risk assessement (template and 100% of employees and contractors security logbook).
Gather all security risk related to human risk in physical and cybersecurity field (employees, IT administrators, users).
Define a security awareness plan to manage assessed risks (knowledge and behaviour objectives)
Propose a security awareness program (implementation process, resources, procedures and monitoring dashboard).
Write and validate hosting service provider contract security appendix, Terms and conditions
Benchmark security terms and conditions for equivalent services providers
Adapt security terms and conditions for our current hosting service provider
Drive workshop with the provider regarding requirements, terms and conditions
Process contract security appendix validation with provider and stakeholders
Conduct physical security systems GDPR compliance
Data assessement for physical security access accreditation
Build a map of physical access data processing and a shared data mapping
Assess sychronicity solution to automate access control database and registration process (ID, profil, rights, authorized zones and time).
Assess automated process and solution for access control data base backup process
Assess automated tools to build incident report using security systems data (CCTV, access control logs, alarms).
Assess physical security systems regarding GDPR risk and compliance

Livrables attendus

Security awareness program

Contract security appendix

Data assessement

Modalités

Date de démarrage : dès que possible
Date de fin : durée 3 mois
Candidats recherchés : 1
Expérience : 0+ an
Type de contrat : Freelance / Indépendant, Temps complet
Rémunération : 150 € - 2000 € par jour selon expérience
Mode de facturation : Assistance technique
Localisation : Paris, France
Télétravail partiel

Le profil recherché

Compétences requises

securité, SANS SSAP, RGPD

Description Du Profil

ISO27001 Implementer, ISO27005 Risk Manager, EBIOS Risk Manager,

Security awareness professional (SANS SSAP) and/or Physical Security Professional (ASIS PSP)

Knowledge in GDPR and SECNUMCLOUD requirements

Langues

Français, Anglais

Catégories

Autre

À propos de l'entreprise

Les secteurs d'activité

Aéronautique, Spatial, Défense & Sécurité, Services & Systèmes d'Informations

Taille de l'entreprise

> 2000 salariés

About the Company

Kicklox est une plateforme d'ingénierie et de conseil en technologies.Nous fédérons une communauté de plus de 120 000 ingénieurs qui interviennent (en mission ou en CDI) sur les projets de nos clients, grâce à notre plateforme digitale qui facilite la mise en relation, et le suivi de projet. Nous travaillons avec des grands groupes tels que Safran, Thales, Airbus, Nokia et bien d'autres. Vous avez un projet à faire réaliser par notre communauté ? https://www.kicklox.com/ Vous êtes ingénieur ou développeur, inscrivez-vous p... Know more

Related Jobs

Company Name: VASS BENELUX
Job Title: Security Architect - ICAP
Job Description: CV Submission deadline: 7th March Location: Remotely from the European Union with occasional (monthly) travel to Strasbourg, France (travel costs covered by the company). Initial contract duration: 6 months VASS BeNeLux, in partnership with Leonardo, is currently seeking an ICAP Security Architect to work on a project for euLisa, France (Strasbourg). The selected candidate will play a key role in designing and implementing solutions for an antivirus component that integrates anti-malware platforms and content validation via a Web Gateway in ICAP server mode. The role requires expertise in ICAP server configuration, particularly on CentOS (Linux) Web Gateway, as well as Splunk platform integration for security analytics. The ideal candidate will also be responsible for automation, operational procedures, and testing related to the ICAP service. Key Responsibilities: Design and develop a detailed architecture for the ICAP solution. Write Low-Level Documentation (LLD) for system components and processes. Configure, install, and deploy ICAP servers on CentOS (Linux) Web Gateway. Develop automation scripts to streamline ICAP service operations. Conduct ICAP testing to ensure system reliability and efficiency. Create and document operational procedures for the ICAP service. Integrate security technologies into Splunk for monitoring and analysis. Collaborate with security and infrastructure teams to enhance system performance and security. Job Requirements: Technical Skills & Experience: Strong experience in software architecture design and low-level documentation. Expertise in ICAP (Internet Content Adaptation Protocol) and Web Gateway configuration. Hands-on experience with CentOS (Linux) Web Gateway installation and maintenance. Proficiency in automation scripting (e.g., Python, Bash, Ansible) for ICAP service. Knowledge of anti-malware platforms and content validation technologies. Experience integrating ICAP and security technologies with Splunk. Familiarity with network security protocols and web filtering technologies. If you are interested, please don't hesitate to submit your application!

Company Name: NEBIRU
Job Title: Production Security Engineer
Job Description: Rejoignez une équipe dynamique pour sécuriser et optimiser des infrastructures IT à une échelle mondiale. Votre Mission : Gérer et sécuriser les équipements réseau (F5 BigIP LTM/ASM, WAF, SSL, iRules, etc.). Développer et ajuster les politiques de sécurité. Superviser et optimiser le monitoring des infrastructures. Résoudre incidents et alertes liés aux requêtes HTTP et aux politiques WAF. Collaborer avec les équipes globales pour harmoniser les solutions de sécurité. Profil Recherché : Expertise en administration F5 BigIP. Solide expérience en sécurité réseau et infrastructures critiques. Compétences en troubleshooting et analyse avancée. Prêt à relever le défi ? Postulez maintenant !

Company Name: STATION F
Job Title: IOT SECURITY ANALYST / PENTESTER
Job Description: About Red Alert Labs is a security lab based in Paris, France. We provide innovative security assurance & certification services covering the Internet of Things (IoT) ecosystem. Job Description Red Alert Labs Red Alert Labs is a French start-up founded in 2017 with a mission to bring trust to the internet of things. We act as security partners with expertise in IoT. Our goal is to help organisations to secure their solutions and make well informed strategic decisions. We help them find the right balance in satisfying business and security needs. Our partners come to us at any stage within the lifecycle of their IoT products or solutions. Our cybersecurity expertise and deep insight in the cybersecurity certifications, standards and regulatory space gives our offerings a unique point of differentiation in the marketplace. Development of methodologies and specialized tools for risk assessment, security audits and certifications constitute the focus of our innovation because they reflect the pain-points of technical and commercial parts of IoT security. This allows us to provide services that cover among others, risk assessments, security of architectures, security audits, security benchmarking, compliance to standards as well as European or International certification. Red Alert Labs essentially addresses manufacturers of connected objects, developers and integrators of IoT solutions, cloud & platform service providers, and finally buyers of and users of IoT products and services (both public and private). CONTEXT The Internet of Things enables us to connect with a multiplicity of daily-use objects simultaneously. The consumers and industrial users must learn to trust these devices that very often communicate autonomously. How can we tell that an IoT device is trustable? How do we measure IoT Security? Why are the majority of existing security certification standards not well suited for IoT? and finally, are there existing indicators that can characterize the degree of trust and reassure users (consumer and industrial) at the same time? Red Alert labs is a one-of-a-kind laboratory that has a mission to resolve this problem of trust linked to the complexity of IoT technologies. Red Alert Labs is well positioned to become an international and European reference leader in security certification of IoT devices. In the light of accelerating to meet the growing demand for our services & expertise, we are seeking to expand our team of experts. We are searching for an IoT expert for consulting and evaluation tasks. (S)he must possess a minimum of 2 years experience in performing pentests. Description Of The Role IoT Security Expert Your Future Tasks Perform IoT security evaluations/pentests, Contribute to the development of evaluation methodologies in our laboratory, Contribute to the maintenance of the internal laboratory management framework, Contribute to the development of special evaluation environments for some unique IoT devices. Contribute to the execution of internal and client projects (consulting & evaluation): risk assessments, pentests, training, etc. Contribute to case studies linked to IoT security and cybersecurity in general. Preferred Experience You have a BAC+5 or its equivalent You have provable professional cybersecurity experience of at least 2 years, notably in pentesting and security audits. You have some experience in evaluation of information systems covering at least 2 of the following themes: IoT, Embedded systems, web applications, mobile applications, cloud applications. You are familiar with at least one of the following risk assessment frameworks: EBIOS risk manager, OCTAVE, MEHARI, OBASHI, STRIDE. You are curious and wish to grow rapidly in a young and innovative company. You are good at discussing and explaining technical cybersecurity subjects to non-technical people in an easy and understandable way. You are able to write in english and french. You are rigorous, organised, flexible and agile. You are a good team player. Finally, if the start-up world interests you and you would like to join an organisation with high growth potentials – Red Alert Labs is waiting for you! Languages English and French (Obligatory). Recruitment Process How will I be interviewed? You will undergo 3 levels of interviews including one technical exercise where we will work together to evaluate the following: Personal motivation Technical Competence Team Fit Additional Information Contract Type: Full-Time Start Date: 01 January 2025 Location: Paris Education Level: Master's Degree Experience: > 3 years Occasional remote authorized Salary: between 40000€ and 60000€ / year

Company Name: Login Sécurité
Job Title: Service Delivery Manager / Consultant Cybersécurité F/H - LOGIN Sécurité (H/F)
Job Description: DescriptionEn tant que Service Delivery Manager, vous intervenez dans notre centre opérationnel de sécurité (SOC). Force de proposition, vous participez à la qualité du service rendu auprès de nos clients, à l'amélioration continue des process, des outils, et du niveau de sécurité de vos clients. Vous vous appuyez sur les équipes SOC pour répondre aux exigences de vos missions. Vous êtes un relai du SOC auprès de vos clients, et représentant de ces derniers dans l'amélioration interne du service. Vous êtes également un acteur clé des offres Login en recommandant les services et solutions qui permettront au client d'atteindre ses objectifs. A ce titre, vous aurez la responsabilité de mener à bien et, de façon non exhaustive, les missions suivantes : Qualité de service & Couverture Sécurité : - Être force de proposition sur l'évolution et l'amélioration de la couverture des risques (protection et détection); - Analyser et exploiter les indicateurs sécurité par des plans d'actions ; - Piloter et gérer des problèmes de sécurité de vos clients ; - Piloter et gérer des vulnérabilités de vos clients ; - Anticiper et avertir des risques liés aux changements de vos clients ; Satisfaction client : - Être disponible et à l'écoute de vos clients ; - Communiquer sur les évolutions du SOC ; - Faciliter et coordonner les échanges entre les analystes et les équipes opérationnelles de vos clients ; - Assurer la mise en œuvre et le respect des processus et procédures spécifiques de vos clients ; Environnement technique : - Des clients de toute taille avec lesquels nous établissons une relation de partenariat - Equipements de sécurité (clients ou managés : SIEM/SOAR/etc.) - Nombreux environnements techniques différents (chez les clients) Respect des engagements contractuels : - Garantir la qualité du service et le respect du PAQ/CS ; - S'assurer de l'existence et de l'actualisation des documents contractuels ; - S'assurer de la cohérence des KPI ; - Planifier et s'assurer de la réalisation des comités (COTEC - Suivre la facturation client ; Vous êtes issu(e) d'une formation niveau Bac +5, type école d'ingénieur ou université. Vous justifiez d'un minimum de deux ans d'expérience en SecOps et idéalement d'une première expérience dans le pilotage et/ou le management de prestations de SOC. A ce titre, vous maitrisez les fondamentaux du pilotage d'activité, les indicateurs de productivité́ et de qualité́ de type SLA, KPI. Vous maitrisez le fonctionnement d'un SI et possédez de bonnes connaissances en sécurité opérationnelles (Red et/ou Blue team). Vous êtes reconnu(e) pour votre sens du service client ainsi que pour votre aisance orale et vos capacités de communication. Vous faites preuve de polyvalence et d'adaptabilité et vous êtes force de proposition. Votre maitrise de l'anglais est un plus. PROFIL SOUHAITÉ Expérience Expérience exigée de 5 An(s) Source: France Travail (https://www.francetravail.fr/)