Cybersecurity and vulnerability project manager h/f

Nous sommes SThree. Le partenaire mondial des talents spécialisés dans les STEM.

Nous mettons en relation des spécialistes recherchés en sciences, technologies, ingénierie et mathématiques avec des organisations dynamiques grâce à nos différentes marques (Computer Futures, Huxley et Real Staffing)

Nous recrutons des professionnels hautement qualifiés - contractuels ou permanents - quand et où ils sont nécessaires.

En réunissant des personnes compétentes, nous élevons le niveau d'expertise et accélérons le progrès pour tous. C'est ainsi que nous construisons l'avenir. Service description - Attack surface Project management Service-

Context

Cyber Defense is driving a project to establish and monitor a security single source of truth. The goal is to define one single source of truth of assets to protect and remediate what matters the most

Align the needs of security around asset management with IT programs, contribute to reduce our attack surface
Manage our vulnerabilities centrally in a global platform

Service

The service will BE accountable of the success of the program

* The service will apply project management expertise and drive the program following the standard best practices and also the client methodology
* The Service will BE required to ensure the program is On Time, On Budget, On Scope
* The Service will BE required to manage stakeholders
* The Service will BE required to apply the group Cyber Defense governance and methodology
* The Service will present the solution to entities
* The Service will BE required to deploy and implement the service to the entities in scope
* The Service will BE required to organize and transfer the service to the BAU team

Control the attack surface : Process to decommission unneeded assets or mitigate non remediable ones implemented; Inventories of assets and 3rd parties maintained and monitored, including security requirements
Vulnerability management : Officialise the product as Class1; Start the roll-out of the solution to entities and incrementing data sources including new class 1 tools
Security risks' view : Run a PoC on the tool selected, define an inclusive approach to link risks with assets / 3rd parties and vulnerabilities, define an implementation roadmap, implement the global remediation process.

Deliverables

Detailled plans with Group Security

* Configuration and entities communication
* The Service will BE deliver Sign off from the BAU
* The Service will BE deliver Project plan - communication plan - Planning - Steering committees/Project committees packs and minutes
* The Service will ensure to store and update on mandatory documents requested by the client Internal controls including : Term Of Reference, meeting packs, minutes, Risk logs, Change management logs, Action logs, Financial actuals/forecast, KPI, Deliverables list & status.