Published on 05.07.2018

Corporate

Head of Information Security

 

The head of Information Security is accountable for ensuring appropriate controls are in place for the security of information assets. 

He/she safeguards information by seeing that security risks are identified, assessed and accurately reported.

He/she is empowered to insure the deployment of Sigfox Data & Information security policies throughout the company and to handle the appropriate response to any security related crisis.

 

OVERVIEW

 

The head of Information Security is accountable for ensuring appropriate controls are in place for the security of information assets.

He/she safeguards information by seeing that security risks are identified, assessed and accurately reported.Additionally, he/she is charged with ensuring local procedures and activities comply with all data & security regulatory requirements and internal policies, procedures, guidelines and standards.

The head of Information Security is the center of competence for Information Security providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.

He/she is empowered to insure the deployment of Sigfox Data & Information security policies throughout the company and to handle the appropriate response to any security related crisis.

 

 

MAIN RESPONSABILITIES

 

In the role, the head of Information Security will…

 

  • Secures the SIGFOX communication network, cloud and IT infrastructure by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members. He/she deploys the Sigfox Security policies he has defined throughout the company and the appropriate response to any security related crisis.
  • Leads the definition, deployment and continuous improvement of SIGFOX security architecture strategy.
  • Partners with SIGFOX cloud architects, other functional area architects and security specialists to ensure adequate security solutions are in place throughout SIGFOX and its network operator partners to mitigate identified risks, and to meet business objectives and regulatory requirements.
  • Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
  • Keep abreast of evolution in the field of the job by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional litterature.
  • Serves as a security expert in all aspects of SIGFOX engineering and IT activities, helping project teams comply with SIGFOX security policies, industry regulations, and best practices.
  • Evaluates and develop secure solutions, based on approved security architectures. Analyzes business impact and exposure, based on emerging security threats, vulnerabilities and risks.
  • Authors SIGFOX policies and standards architectures that guide staff with security and risk management planning. Insure adherence to these policies and standards throughout the company.
  • Communicates security risks, solutions and continuous improvement to business partners and SIGFOX management and staff and drive the implementation of required corrective actions.
  • Diligently maintain Sigfox Information & Data Security Framework and underlying policies, procedures, standards and guidelines
  • Take the lead on developing, maintaining and updating the Information & Data Security Strategy and Information Security Program
  • Actively ensure appropriate administrative, physical and technical safeguards are in place to protect Sigfox information & data assets from internal and external threats
  • Meticulously identify, introduce and implement appropriate procedures, including checks and balances, are in place to test these safeguards on a regular basis
  • Thoroughly conduct and complete annual reviews and audits as required engaging both internal business partners across the organization and external resources
  • Make it a priority to see that  disaster recovery and emergency operating procedures are in place and tested on a regular basis
  • Act as the committed owner of the security incident and vulnerability management processes from design to implementation and beyond
  • Passionately manage and assist in performing on-going security monitoring of information systems including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements, evaluating and recommending new information security technologies and counter-measures against threats to information or privacy, and developing security reports and dashboards
  • Ensure effective staff training programs are in place to increase security awareness across Sigfox

 

 

SKILLS

 

  • Bachelor's or Master's degree or PhD in Computer Science, Information Systems or other related field; or equivalent work experience.
  • 10+ years security work experience including infrastructure, systems, vulnerability testing, audit, or secure enterprise application software development.
  • Sound understanding of security principles, such as network security, identity and access management, vulnerability management, and secure coding.
  • Broad understanding of  security technologies and expert knowledge of Cloud security concepts (SaaS, PaaS, IaaS), network and application security and/or data protection.
  • Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
  • Team player and strong project management skills
  • Strong communication skills with ability to interface and communication efficiently with a broad range of roles and people (technical, business, management, partners and vendors) both internally with our teams and externally with partners/customers etc.
  • Fluent English & French

 

Sigfox, as a learning organization and open minded on Diversity is ready to welcome Extra-ordinary people and adapt their workplace 

 

Detail

Labège

Full time