Head of IT Operational Security Manager & Access Management F/M

Vacancy details

General information

Reference

2024-255  

Position description

Business unit

Operations, Data & IT - IT Security

Job title

Head of IT Operational Security Manager & Access Management F/M

Contract type

Permanent

Candriam Group Presentation

Candriam is a global multi-specialist asset manager and a recognized pioneer and leader in sustainable investment.

As a Responsible Employer, Equal Employment Opportunity is crucial to Candriam. We are committed to building the best global team that represents a variety of backgrounds, perspectives, and skills. We provide an inclusive work environment and support wellbeing and work-life balance.

Mission

The IT security department at Candriam assesses the security level of the information system and implements its Information Systems Security Policy (ISSP).
We implement solutions to guaranty the reachability, the confidentiality, and the integrity of the information system and data.
Our missions are the management of operational security (governance, programs and strategy, architecture, network security, access management, cyber defense), the implementation of IT security tools (choice of innovative solutions, implementation), and support of the  business units in their IT projects.

Innovation and agility are the signature of our department.

We are looking for a highly skilled and experienced IT Operational Security Manager (OSM) to join Candriam IT security services & IAM business unit.

Responsabilities

The OSM will be responsible for defining, implementing, and maintaining security measures to protect our information systems and data.
This role requires a strategic thinker who can provide expert advice, manage security operations, and lead incident response efforts.

Key Responsibilities:

Team Management :

  • Manage an autonomous team of 6 people: Ensure continuity of service and continuous improvement of products
    Manage resources, capacities, budget and planning while respecting the policies and processes in place.

  • Security Governance: Oversee security governance and ensure compliance with corporate policies.
    Define and manage the Security Assurance Plan.

  • Risk Management: Identify security risks and develop mitigation strategies.
    Provide strategic advice and alert on security risks related to the information system.

  • Access Control: Manage and control logical access to information systems.
    Ensure robust identity and access management practices are in place.

  • Security Monitoring and Incident Response: Conduct continuous security monitoring and manage vulnerabilities.
    Lead the externalized Security Operations Center (SOC) and oversee the security incident management process.
    Communicate effectively with clients and business units regarding security incidents and responses.

  • Project Management: Lead and execute projects related to security incident detection and response, including SOC evolution, log centralization, vulnerability scans, Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), and Security Information and Event Management (SIEM).
    Participate in infrastructure security projects.
  • Compliance and Audits: Support external audits and ensure compliance with relevant security standards and regulations.
    Promote security awareness and conduct training sessions for staff.

Profile

Graduated from an engineering school or equivalent.
5 years at least of experience as an OSM and at least 10 years of experience in Information Systems Security and cybersecurity.

Technical Skills:
 Ability to manage priorities and risks
 Deep understanding of information systems security concepts and best practices.
 Knowledge of network security protocols, cryptography, and identity management.
 Competence in incident response and risk analysis
 Experience with security tools (SIEM, IDS/IPS, antivirus, vulnerability management, etc.).
 Mastery of strategic security planning
 Knowledge of security standards and regulations
 Proficiency in IT security technologies
 Knowledge of CERT
 ISO27001 Lead Implementer, ISO27005 Risk Manager certification

Soft Skills:
 Good interpersonal skills and excellent communication and writing skills.
 Rigor, synthesis skills, and ability to simplify complex concepts.
 Great adaptability and strong sense of ethics.
 Natural leadership and team spirit.
 Strong communication and project management skills.
 Ability to work under pressure and manage multiple priorities.

#LI-POST

Position location

Job location

Europe, Belgium

City

Brussels

Candidate criteria

Education

4. Master's Degree II / Bac+5

Minimum level of experience required

10-15 years

Languages

  • English (C1 - Fluent)
  • French (C1 - Fluent)