Pentesting Coordination Service Contrat : CDI

Référencée au sein de nombreux grands comptes en tant que fournisseur de prestation IT, Excel Management Conseil est une société de services en informatique existante depuis plus de 10 ans.

Riche d’une expérience significative en France et en Europe, notre groupe E.X.M.C se positionne en tant qu’acteur majeur sur le marché des sociétés de services en ingénierie informatique.

Nous intervenons à la fois sur des périmètres Métiers, Techniques et Opérationnels. Notre groupe affiche un effectif de plus de 300 collaborateurs disponibles et mobiles.

Nous sommes structuré autour de Quatre Pôles :

• Le Consulting et Assistance à Maîtrise d'Ouvrage (MOA, AMOA) dédié Banques, Finance, Assurances.
• L’ingénierie applicative (La maîtrise d'œuvre de projets informatiques (MOE), Ingénierie de développement, TMA, TRA, …)
• La production et les infrastructures (Ingénierie, Assistance Technique infogérance, architecture systèmes et réseaux, sécurité, cyber sécurité , Digital…)
• L’Informatique Décisionnelle et BIG DATA (Architecture(Avant-vente/POC/ Pilotage Projet) , Développement, Expertise (Hadoop,NoSQL, …))

• Coordinate technical assurance activity e.g. penetration testing, application code review and vulnerability scanning
• Coordinate technical assurance reporting and metrics for internal review
• Liaise with solution engineers, designers and business/system/asset owners for issue resolution

Key Accountabilities :

• Collaborate with the internal requestors in order to define the scope and activities related to technical assurance for the Group products
• Schedule and coordinate security testing globally maintaining relationships with the testing vendors
• Evaluate the audit results for consistency and reporting quality
• Strong expertise related to cyber défense able to assess technical assurance activities
• Evaluate and select vendor with the correct tools and technologies to perform assurance activities
• Accountable for the delivery of directly assigned Penetration Tests
• Accountability for the delivery of assigned Penetration Tests that are to be conducted by approved vendors
• Accountable for the management of assigned Penetration Test vendors
• Ability to work without supervision
• Expertise of penetration test tools (Burp Suit, Metasploit, Nmap, Wireshark) and methodologies
• Expertise of cyber defence best practices, procedures

Coordination & Project management Expertise:

• Leadership. Project leadership was a hot topic this year. ...
• Negotiation.
• Scheduling.
• Cost Control.
• Risk Management.
• Contract Management.
• Critical Thinking.
• Communication.
• Project Recovery
• Meetings Management
• A Sense of Humour

• Minimum Bac+5 in Networks and Security.
• Proven 5 years in the same position

Certification :

• Project risk management standards and good practice is highly desired (e.g. ISO/CEI 27001)
• An information Security Certification is highly desired (CCNP Security, CEHv9/v10…or/and equivalent)
• Project management certification (e.g. PMP, PRINCE2) is an advantage
• Agile methodology (e.g. SCRUM or equivalent) is an advantage

Work Ethics

• Due to the sensitive nature of the task, the role holder must have a demonstrated high level of work ethics, secrecy and discretion. A background check will be performed.

Overall work expertise in the field:

• Expertise in scoping and execution of complex projects.
• Expertise supporting drug development projects preferred.
• Training and expertise in project management, office management, business administration.
• Familiar with project planning tools such as MS Project (or similar) and concepts such as task dependencies.
• Excellent Excel expertise preferred.
• Expertise of best practices around data security
• Expertise using an ITSM tool such as ServiceNow
• Strong fundamentals in network architecture and security norms
• Information Technology expertise, IT project management or technical project management (more than 10 Years)
• Expertise in managing complex Information Security projects (more than 1 year)

EXPERTISE & ABILITIES

• A developed sense for autonomous conduct of work including management of own workload versus involving other stakeholders and issue escalation
• Proven ability to work independently with minimal supervision; must be a self-motivated self-starter that can initiate ideas and take ownership of work
• Ability to learn new technologies quickly and with minimal guidance
• Diligent with attention to detail
• Apply analytical rigor to understand complex business scenarios
• Strong facilitation, negotiation and conflict resolution expertise
• Excellent communication expertise and ability to adapt communication styles to varied internal and external partners.
• English environment. (very important)