Candriam is a global multi-specialist asset manager and a recognized pioneer and leader in sustainable investment.

As a Responsible Employer, Equal Employment Opportunity is crucial to Candriam. We are committed to building the best global team that represents a variety of backgrounds, perspectives, and skills. We provide an inclusive work environment and support wellbeing and work-life balance.

The IT security department at Candriam assesses the security level of the information system and implements its Information Systems Security Policy (ISSP).
We implement solutions to guaranty the reachability, the confidentiality, and the integrity of the information system and data.
Our missions are the management of operational security (governance, programs and strategy, architecture, network security, access management, cyber defense), the implementation of IT security tools (choice of innovative solutions, implementation), and support of the  business units in their IT projects.

Innovation and agility are the signature of our department.

We are looking for a highly skilled and experienced IT Operational Security Manager (OSM) to join Candriam IT security services & IAM business unit.

The OSM will be responsible for defining, implementing, and maintaining security measures to protect our information systems and data.
This role requires a strategic thinker who can provide expert advice, manage security operations, and lead incident response efforts.

Key Responsibilities:

Team Management :

• Manage an autonomous team of 6 people: Ensure continuity of service and continuous improvement of products
  Manage resources, capacities, budget and planning while respecting the policies and processes in place.
  
  
• Security Governance: Oversee security governance and ensure compliance with corporate policies.
  Define and manage the Security Assurance Plan.
  
  
• Risk Management: Identify security risks and develop mitigation strategies.
  Provide strategic advice and alert on security risks related to the information system.
  
  
• Access Control: Manage and control logical access to information systems.
  Ensure robust identity and access management practices are in place.
  
  
• Security Monitoring and Incident Response: Conduct continuous security monitoring and manage vulnerabilities.
  Lead the externalized Security Operations Center (SOC) and oversee the security incident management process.
  Communicate effectively with clients and business units regarding security incidents and responses.
  
  
• Project Management: Lead and execute projects related to security incident detection and response, including SOC evolution, log centralization, vulnerability scans, Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), and Security Information and Event Management (SIEM).
  Participate in infrastructure security projects.
• Compliance and Audits: Support external audits and ensure compliance with relevant security standards and regulations.
  Promote security awareness and conduct training sessions for staff.