Sites Cybersecurity Officer

Valeo is a tech global company, designing breakthrough solutions to reinvent the mobility. We are an automotive supplier partner to automakers and new mobility actors worldwide. Our vision? Invent a greener and more secured mobility, thanks to solutions focusing on intuitive driving and reducing CO2 emissions. We are leader on our businesses, and recognized as one of the largest global innovative companies.

Mission

In charge of Cybersecurity of one or several Valeo sites in a Cybersecurity Region: ➔ Act as a Cybersecurity point of contact for the site(s)

➔ Coordinate the different actors of the site(s) for all Cybersecurity topics

➔ Deploy the Valeo ISSP (Information Systems Security Policy) within the sites, assess and improve their level of Cybersecurity

➔ Raise any non-compliance, abnormal Cybersecurity event, and Cybersecurity incident

➔ Manage locally the Cybersecurity events and incidents

➔ Provide the reporting of the site(s) to the Regional Cybersecurity Officer

➔ Contribute to develop the Cybersecurity mindset within the site(s)

**Responsibilities**:
Accountability
- Act as a Cybersecurity point of contact for the site(s) Act as the site(s) Cybersecurity point of contact for:

- Group Cybersecurity organization
- Regional Cybersecurity Officers
- Cybersecurity operations centers
- CIRT (Cybersecurity Incident Response Team)
- Act as the site(s) Cybersecurity point of contact for external Cybersecurity assessments (e.g. customer mandated audits)
- Act as the site(s) Cybersecurity point of contact for the Site BCP Manager regarding local BCP procedures
- Communicate within the site(s) for any topic related to Cybersecurity (awareness, rules, process...)
- Deploy the Valeo ISSP (Information Systems Security Policy) within the sites, assess and improve their level of Cybersecurity
- Deploy Cybersecurity Group standards, rules and best practices in the site(s)
- Perform the Site Information Risk Assessments
- Control that the Cybersecurity requirements are fulfilled in the DRPs (Disaster Recovery Plan) of the site(s)
- Control that the Cybersecurity requirements, defined in the DRPs (Disaster Recovery Plan), are operational and well performed during each yearly DRPs (Disaster Recovery Plan) execution
- Raise any non-compliance, abnormal Cybersecurity event, and Cybersecurity incident
- Following the appropriate process, raise:

- Non-compliance to the Regional Cybersecurity Officer
- Abnormal Cybersecurity event to the Regional Cybersecurity Officer
- Cybersecurity incident to the Regional Cybersecurity Officer and CIRT
- Manage locally the Cybersecurity events and incidents
- Monitor and manage the alerts published by the Cybersecurity operations center (viruses, patches ) in the site(s)

Monitor the Cybersecurity events Record, report and manage the Cybersecurity incidents related to site(s) in coordination with the Regional Cybersecurity Officer (and CIRT if needed)
- Deploy remediation plans defined in coordination with the CIRT and/or the Cybersecurity operations center
- Provide the reporting of the site(s) to the Regional Cybersecurity Officer
- Report action plans progress, exceptional requests, troubles...
- Manage and provide the Cybersecurity KPIs of the site(s)

Responsibility
- Act as a Cybersecurity point of contact for the site(s)
- Realize the Site Information Compliance Assessment and update it when requested and/or following a major change in the site(s). Alert Regional Cybersecurity Officer in case of major deviation.
- Control that the Group Cybersecurity standards, rules and best practices are respected
- Act as internal Cybersecurity risk auditor for the other sites of the ‘Region’ (upon request of the Regional Cybersecurity Officer)
- Manage locally the Cybersecurity events and incidents
- Suggest capitalization in perimeter following Cybersecurity events and incidents
- Provide the reporting of the site(s) to the Regional Cybersecurity Officer
- Participate to the Regional Cybersecurity Officer’s Cybersecurity meetings
- Propose improvements of Group standards to Regional Cybersecurity Officer
- Other
- Upon request, act as Regional Cybersecurity Officer delegate to perform some specific missions

Contribution
- Coordinate the different actors of the site(s) for all Cybersecurity topics
- Contribute to Group Cybersecurity programs
- Deploy the Valeo ISSP (Information Systems Security Policy) within the sites, assess and improve their level of Cybersecurity
- Perform or control, upon Regional Cybersecurity Officer delegation, risk assessments for, but not limited to, local projects or other sites
- Contribute to develop the Cybersecurity mindset within the site(s)
- Assist and advise IS/IT people on Cybersecurity matters
- Translate the Cybersecurity communications, eLearning, TIPswhen requested by the Regional Cybersecurity Officer

Education/Training

What education and education level are necessary for the position? Required:
Bachelor’s degree or