What about our infosec department ?
Our Chief Information and Security Officer works closely with our headquarter in the UK. He is looking for a junior, fluent in English, with a strong background in compliance.

What is your challenge ?
Provide Line 2 assurance and compliance support for effective execution of line 1 security controls and adoption of a cyber security framework across LesFurets. Manage and build relationships with 3rd party suppliers, understanding their cyber security posture and data flows to ensure the protection of LesFurets data.

Key accountabilities and Responsibilities
• Manage due diligence paperwork on 3rd party suppliers which lesfurets share sensitive PII data with
• Form relationships with business areas and 3rd parties to ensure completion of the due diligence process
• Provide clear visibility and effective communication of risk and remediation plans to the senior manager
• Management of the Data Security Guardian (DSG) reporting, delivering effective line 1 security controls
• Identify any gaps and improve security controls enabling improvement with business areas
• Manage the timely completion of security processes, ensuring they are being followed on schedule (Exceptions, Vulnerabilities, Incidents etc.)
• Production of regular and accurate MI/reporting as required
• Dynamically improve assurance and governance processes within the team and deliver to the wider BGL Group
• Deliver assurance activity, as required, through the adoption of the security framework

Must have:
Understanding of working with security policies and governance frameworks
Scheduling and ordering skills to properly manage recurring and time based tasks & processes
Communication skills and the ability to interact at all levels within BGL Group and externally.
Knowledge of all Microsoft products specifically Excel and Visio
Fluent English speaker / writter

Cherry on the cake:
Knowledge of existing cyber security frameworks such as NIST, ISO27001 & CIS20.
Experience of delivering successful security awareness/training campaigns
Knowledge, proven by previous roles, of completing the due diligence process of 3rd parties.