▷ Urgent Search: Regional Cybersecurity Officer

Mission

In charge of Cybersecurity of the Asia (excluding China) region: Japan, Korea, Thailand, Malaysia, Indonesia and India (~16,000 users, 3.4 BEUR sales)

➔ Act as the Cybersecurity point of contact for the region

➔ Functionally manage an international team of 5 Sites Cybersecurity Officers spread across the region

➔ Deploy the Valeo ISSP (Information Systems Security Policy) within the region, assess and improve the level of Cybersecurity of the different sites

➔ Coordinate the Cybersecurity incidents in the region

➔ Provide reporting of the region

➔ Contribute to the evolution of the Valeo ISSP (Information Systems Security Policy) and some Group Cybersecurity programs.

➔ Upon request, act as Group CISO (Chief Information Security Officer) delegate to perform some specific missions

➔ Regularly travel within the region to meet your team, key stakeholders, and ensure that the ISSP is properly applied.

Reporting line:

Hierarchical: Asia Information Systems Director

Functional: Group CISO (Chief Information Security Officer)

Responsibilities :

Accountability

➔ Act as the Cybersecurity point of contact for the region

- For the Group CISO (Chief Information Security Officer) and the Cybersecurity organization
- For the legal representatives
- For the customers
- For the partners and suppliers

➔ Functionally manage the Sites Cybersecurity Officers

- Organize and lead the regular Cybersecurity meetings with the Sites Cybersecurity Officers of the region
- Relay the Cybersecurity communications and actions to the Sites Cybersecurity Officers of the region
- Coordinate the translations performed by the Sites Cybersecurity Officers regarding the Cybersecurity communications, eLearning, TIPs

➔ Deploy the Valeo ISSP (Information Systems Security Policy) within the region, assess and improve the level of Cybersecurity of the different sites

- Disseminate Group standards, rules and best practices to the Sites Cybersecurity Officers
- Control and validate the Valeo ISSP compliance for all the sites of the region. If mandated by the Group CISO, act as delegate to provide exemptions. Alert Sites Cybersecurity Officers/Group CISO in case of deviation.
- Manage the Cybersecurity action plans of the region.

➔ Coordinate the Cybersecurity incidents in the region

- Ensure capitalization within the region following Cybersecurity events and incidents

➔ Provide reporting of the region

- Provide regular and on-demand reporting to the Group
- Follow and report the OEMs Cybersecurity requirements of the region

➔ Contribute to the evolution of the Valeo ISSP (Information Systems Security Policy) and some Group Cybersecurity programs

➔ Upon request, act as Group CISO (Chief Information Security Officer) delegate to perform some specific missions

Responsibility

➔ Act as the Cybersecurity point of contact for the region

- Participate to the external security assessments (customer mandated audit) and act as delegate of Group CISO.

➔ Functionally manage the Sites Cybersecurity Officers

- Develop knowledge of the Sites Cybersecurity Officers
- Manage their training.

➔ Deploy the Valeo ISSP (Information Systems Security Policy) within the region, assess and improve the level of Cybersecurity of the different sites

- Define and follow improvement plans with the Sites Cybersecurity Officers
- Perform or control, by Group CISO delegation, risk assessments for, but not limited to, projects, sites, third parties.

➔ Coordinate the Cybersecurity incidents in the region

- Ensure that all non-compliances, abnormal Cybersecurity events, and Cybersecurity incidents are raised by the Sites Cybersecurity Officers.
- Ensure swift resolution of Cybersecurity incidents with the Sites Cybersecurity Officers and the Group CIRT (Cybersecurity Incident Response Team).

➔ Provide the reporting of the region

- Inform the Continental IS Director(s) of the region for all aspects related to Cybersecurity non-classified as 'Secret'.
- Request the authorization to have an exemption to the Valeo ISSP whenever it is mandatory to fulfill a law/regulation linked to the region activity.

➔ Others

- Upon request, act as Group CISO delegate to perform some specific missions
- Act as internal Cybersecurity risk auditor for the other regions.

Contribution

➔ Contribute to the evolution of the Valeo ISSP (Information Systems Security Policy) and some Group Cybersecurity programs

- Contribute to Group Cybersecurity programs
- Propose, to Group CISO, initiatives to improve:
- Cybersecurity of the region
- Valeo ISSP, Group standards and rules
- Cybersecurity KPIs

Experience Required :

- Above 10 years of relevant experience in Cybersecurity
- Worked in an international company in a multicultural environment.
- Knowledge and experience linked to Cybersecurity standards (ISO 2700x, NIST, NIS…)
- Knowledge and experience in technical topics such as malware, patch management, firewalling…
- Other infrastructure / network / system / database / application experience
- International team management experience
- International stakeholder management experience
- Cybersecurity Incident management experience