Information Systems Security Manager (H/F)

Information Systems Security Manager (H/F)

With 1,500 employees and 14 factories on 3 continents, STERIMED is the world's leading manufacturer of materials and packaging systems made from renewable resources for the sterilization of medical devices. This is a market with strong structural growth and absolute requirements for quality and safety. Sterimed develops, produces, processes, and markets various types of solutions, such as substrates forming bacterial barriers and preformed sterilization packaging, both for hospitals and medical device manufacturers.

As an LBO company, Sterimed is characterized by a strong entrepreneurial spirit and has pursued a very dynamic external growth policy for several years. Since its founding in 2016, the size of the group has increased 4.5 times, and 10 acquisitions have been made since 2017.

The Information Systems Security Manager is responsible for the development, review, implementation, and maintenance of the group's information systems security program. He/She reduces risks within the organization by ensuring that employees are aware of, understand, and adopt information security policies and security-oriented behavior.

• Develop, implement, and monitor a comprehensive strategic program to manage the company's information security and IT risks.
• Collaborate directly with various departments to facilitate risk assessment and management processes.
• Develop and improve an information security management framework.
• Ensure the consistency of policies and standards across all technology projects, systems, and services by interacting with related disciplines through committees.
• Lead Sterimed’s information security organization.
• Work in partnership with company stakeholders to raise awareness of risk management issues.
• Contribute to the overall technological planning of the company by providing current expertise and a future vision of technology and systems.

Tasks

• Identify and assess key human risks to the organization and the behaviors to be modified to mitigate these risks.
• Develop, review, and maintain a security awareness program aimed at reducing these risks.
• Collaborate with business units to enhance security awareness and comply with regulatory standards.
• Ensure employees and third parties understand, accept, and comply with information security policies.
• Encourage employees to adopt a security-focused mindset beyond mere compliance.
• Promote overall employee engagement in security.
• Implement and manage measures to assess compliance with security policies and the effectiveness of the awareness program.
• Implement network monitoring and intrusion detection analysis using various network defense tools such as intrusion detection/prevention systems (IDS/IPS), firewalls, and host-based security systems (HBSS).
• Monitor network activity to detect trends in unauthorized use.
• Review alerts and sensor data, then document formal technical incident reports.
• Research emerging threats and vulnerabilities to help identify network incidents.
• Provide incident response support for network subscribers, including mitigation actions to contain activity and facilitate analysis if necessary.
• Ensure new computers, software, switches, and routers are tested before implementation to guarantee security.
• Support the creation of business continuity and disaster recovery plans, including conducting disaster recovery tests, publishing test results, and implementing necessary changes to correct deficiencies.

Technical Skills

• Over 5 years of successful experience as a manager in IT operations.
• Knowledge of major information security management frameworks such as ISO/IEC 27001, ITIL, COBIT, and NIST standards, including 800-53 and the Cybersecurity Framework.
• Good understanding of business management and practical knowledge of information security risk management and cybersecurity technologies.
• Up-to-date knowledge of methodologies and trends in business and IT.

Interpersonal Skills

• Excellent written and verbal communication skills in English and French, interpersonal and collaborative abilities, and the ability to convey information technology to both technical and non-technical audiences at various hierarchical levels, from board members to technical specialists.
• Ability to demonstrate leadership in a wide variety of technical areas and situations.
• Ability to communicate clearly and convincingly in meetings and discussions, as well as through major reports and presentations using appropriate tools and techniques.
• Adaptability and flexibility to handle non-routine or unexpected situations.
• Excellent management of relationships with business partners and subcontractors.
• Pragmatism.

Sterimed is committed to creating an inclusive and accessible work environment for all. Please do not hesitate to mention any necessary adjustments to facilitate your participation in the recruitment process.

Attach your resume (PDF or Word file only, 5 Mo max.) *

Attach your motivation letter (PDF or Word file only, 5 Mo max.) *

By submitting this form, you agree that the data provided will be used to contact you.
I acknowledge having read the Privacy Notice *

#J-18808-Ljbffr