Cette offre n’est plus disponible.

Head of Cyber Security EuroAPI M/F

CDI
Antony
Salaire : Non spécifié
Télétravail non autorisé

Sanofi
Sanofi

Cette offre vous tente ?

jobs.faq.title

Le poste

Descriptif du poste

Sanofi will establish a major active pharmaceutical ingredient company in Europe. The standalone company headquartered in France will combine Sanofi’s API commercial and development activities with six of its European API production sites, located in five countries (France, Italy, Germany, UK, Hungary) and sales in 80 countries.

We are looking for a Head of Cyber Security to support the activities of this future new company (“EuroAPI”).

JOB PURPOSE

The Head of Cyber Security manages the cybersecurity posture of EuroAPI representing 6 industrial sites in Europe and 13 commercial implementations worldwide (North and south America, Est and West Europe, Asia).

  • He/she is responsible for ensuring an adequate security posture of EuroAPI, through the adoption of security measures, solution and processes, in order to protect EuroAPI data and the continuity of business operations from potential cyber-attacks
  • He/she manages security needs related to business initiatives, collaborates with business functions in the identification and management of cyber risk, ensures an adequate reporting to the Top Management and ensure compliance with local cyber laws
  • He/she manages a team of 4 to 5 internals in addition to externalized resources and services

PRIMARY DUTIES & RESPONSIBILITIES

The Head of Cyber Security oversees and leads the operations that ensures EuroAPI is in position to anticipate cyber threats and incidents and establish the right level of protection for customers, people and operations.

Thus, the Head of Cyber Security officer is responsible for:

  • Defining and implementing a Cyber Security Strategic Plan at EuroAPI level in compliance with the applicable Cyber local Laws
  • Identifying EuroAPI security risk exposure as well as the proper actions and the needs to mitigate the security risks
  • Implementing at local level the cyber policies
  • Ensuring the adoption of proper security measures, related to endpoints, applications and infrastructure, to protect the data according to the sensitivity level to prevent and avoid unauthorized access and risks of data loss according to applicable laws, Security Standard and operating procedures
  • Ensuring the implementation of adequate process related to Vulnerability Management and Patch Management
  • Ensuring a proper readiness of cyber security capabilities in responding to cyber attacks
  • Ensuring a proper management of security incidents, with the support of the other group entities involved, and the potential activation of Group processes and capabilities (e.g. Group Crisis Management process)
  • Ensuring the reporting to Top Management about Security Strategical plan implementation, security threats or critical incidents happened in EUROAPI perimeter, quarterly, or when necessary
  • Launching training and awareness initiatives to improve the security posture of employees on cyber threats
  • Proposing and managing the necessary budget and investments to deliver his mission

PROFILE

  • Relevant experience in Cyber Security in an international group
  • A practice within a manufacturing or process industry is recommended for leading the significant industrial footprint of EuroAPI
  • Demonstrated experience understanding of technical aspects of IT AND OT technology and core security components more such as network, firewall, proxy, VPN, anti-malware, email protection and filtering, system security controls, vulnerability assessment, penetration testing, incident management
  • Demonstrated experience understanding security risks, identifying gaps, and creating risk-mitigating and remediation plans, drawing up IT Security roadmap
  • Team Management & Leadership
  • Organized, self-sufficient with ability to manage teams globally and drive change
  • Ability to prioritize and execute tasks in a high-pressure environment
  • Ability to engage with Business Leaders of his/her perimeter
  • Analysis and synthesis skills
  • Excellent written, oral, and interpersonal communication skills (English)
  • One or more of the following certifications is a plus:
  • CISM or CISSP
  • Microsoft Certified Systems Engineer: Security
  • GIAC Security Essentials
  • Certification Risk ISO 27001, ISO 22301, IRAM 2 or eBios Risk Manager (ANSSI)

Envie d’en savoir plus ?

D’autres offres vous correspondent !

Ces entreprises recrutent aussi au poste de “Cybersecurity”.