Cybersecurity expert - GRC

Posted:
12/10/2024, 3:13:47 AM

Location(s):
Paris, Ile-de-France, France ⋅ Ile-de-France, France

Experience Level(s):
Senior

Field(s):
IT & Security

Murex is a global fintech leader in trading, risk management and processing solutions for capital markets.

Operating from our 19 offices, 3 000 Murexians from over 60 different nationalities ensure the development, implementation and support of our platform which is used by banks, asset managers, corporations and utilities, across the world.

Join Murex and work on the challenges of an industry at the forefront of innovation and thrive in a people-centric environment.

You’ll be part of one global team where you can learn fast and stay true to yourself.

Your Team

Would you like to join our line of defense against cyberattacks? Anticipate and detect cybercriminal threats. Join the Murex information security team as a Security Expert and get the opportunity to work with cutting-edge data security technologies and gain invaluable experience in a global multinational environment.

You’ll collaborate with skilled professionals across various regions and business lines, expanding your expertise for a multinational software vendor company.

Be part of a mission-driven team dedicated to safeguarding critical information and contributing to a secure, resilient organization.

Your Role

Support the development, review, and maintenance of information security governance, risk and compliance framework.

  • Collect measures and report on Compliance with policy, Standards, and requirements.

  • Review requests for exception & set recommendation

  • Assesses and maintains overall security by conducting Security assessments (vulnerability analysis, penetration test, risk assessments, architecture review) and monitoring security controls

  • Determines security requirements

  • Investigate and utilize new technologies, tools and techniques to enhance security capabilities and performance.

  • Analyze and test existing systems, networks, components, controls and make recommendations for changes or improvements

  • Recommend countermeasures, security techniques, tools and vendor products to mitigate security vulnerabilities and strengthen the overall security posture.

  • Determines and reports security incidents, abnormalities, violations and inefficiencies.

Develop a comprehensive view of information security landscape, highlighting key risks, threats, and vulnerabilities impacting the organization (common areas of risk, control failures, etc.) and thus support the evolution of information security.

  • Evaluate cybersecurity maturity against recognized standard such as NIST, Cybervadis and SOC2

  • Assess Third party cyber maturity

  • Assess the effectiveness of the existing cyber security program, including identification of the strengths and weaknesses of the infrastructure/network installation, applications and application services, critical utilities, and implemented communication technologies.

Promotes and raises awareness through different means such as training, e-learning and communication.

  • lead, communicate, evangelize on subjects related to information security and basic principles (Security by design, security best practices, minimum security requirements, Data privacy, etc.)

  • Participate in the continuous awareness program implementation, deployment and monitoring.

Supports our pre-sales and client services activities by answering client’s security questions, audit and cybersecurity maturity evaluation.

Required Qualifications
 

5+ years of information security

Desired Qualifications

  • Information Security Risk & controls framework

  • Ability to manage complex issues and develop solutions

  • Excellent verbal and written communication skills

  • Knowledge and understanding of technical security

  • Ability to prioritize work, meet deadlines, achieve goals, and work in a dynamic environment

  • Ability to execute in a fast paced, high demand, environment while balancing multiple priorities

  • Knowledge and understanding of process design, modeling, and development

  • Relevant certifications preferred (e.g., CISSP, CISM)