GISACC - Cybersecurity Risk Analyst

Valeo is a tech global company, designing breakthrough solutions to reinvent
the mobility. We are an automotive supplier partner to automakers and new
mobility actors worldwide. Our vision? Invent a greener and more secured
mobility, thanks to solutions focusing on intuitive driving and reducing CO2
emissions. We are leader on our businesses, and recognized as one of the
largest global innovative companies.
Mission
Part of the Group Cybersecurity team, contribute to protect Valeo by
performing the following activities:
* Cybersecurity risk analysis (‎70%)
* Project Cybersecurity advice/control (‎20%)
* Audits, Governance and Compliance activities (‎5%)
* Cybersecurity watch (‎5%)

Responsibilities
* Cybersecurity risk analysis
* By using the methodologies and tools specific to the scope of the analysis, identify potential weaknesses and related risks for Valeo. It can cover, but is not limited to:
* Third parties
* IS/IT projects
* Valeo sites
* Personal data
* Diagnose dysfunctions
* Provide/implement remediation
* Generate reports for both technical and non-technical staff and stakeholders (if any)
* Project Cybersecurity advice/control
* Control and advize during the RFI/RFQ phase
* Advize/control the Cybersecurity measures to be included in the contract
* Advize the architecture, check the results of the Cybersecurity tests, follow-up the Cybersecurity action plans, advize for the Go-live decision
* Advize/validate the major changes during the Run phase
* Audits, Governance and Compliance activities
* Perform the organizational and/or technical audits. It can cover, but is not limited to:
* Compliance audit (Valeo ISSP (Information Systems Security Policy), Cybersecurity standards/best practices …)
* It can be performed:
* On-site
* Remotely
* Generate the audit reports for both technical and non-technical staff and stakeholders (if any)
Contribution
* Audits, Governance and Compliance activities
* Contribute to Cybersecurity awareness and/or training modules
* Contribute to third parties audits
* Cybersecurity watch
* Threats
* Cybersecurity solutions
Perimeter
* Valeo (Travels abroad are expected according to the needs).
Qualifications

Education/Training
What education and education level are necessary for the position?
Required: Bachelor 's degree or Master's degree in Computer Science and/or
Cybersecurity
Optional: ISO 270xx Certification(s). ISO ‎27005 certification is appreciated

Professional Experience
How many years of professional experience in a specific professional area
are required for the position?
* Experience in Cybersecurity
* Experience of at least ‎5 years in Cybersecurity with a strong focus on risk management
* You have already conducted several Cybersecurity audits and are able of having a relevant risk analysis at the governance, architecture and technical level
* Knowledge of the vulnerabilities and Cybersecurity threats
* Knowledge of the Information System (network, system, Active Directory, database, middleware …)
* Knowledge in software development is a plus

Languages
* Required: Fluency in English
* Optional: French or other language
Job:
Cybersecurity Analyst
Organization:
Schedule:
Full time
Empoyee Status:
Regular
Job Type:
Job Posting Date:
‎2023-‎02-‎08-‎08:00
Join Us !
Being part of our team, you will join:
* one of the largest global innovative companies, with more than ‎20,000 engineers working in Research & Development
* a multi-cultural environment that values diversity and international collaboration
* more than ‎100,000 colleagues in ‎31 countries... which make a lot of opportunity for career growth
* a business highly committed to limiting the environmental impact if its activities and ranked by Corporate Knights as the number one company in the automotive sector in terms of sustainable development

More information on Valeo:
https://www.valeo.com