Cybersecurity Foss Manager- Gisacc

Cybersecurity FOSS Manager
- GISACC - ( 220009BO )

**Mission**

Manage a dedicated Cybersecurity scope ('Center') and the associated team:

- Suggest the organization among the 'Center'
- Manage the dedicated team
- Define/update the processes of the 'Center', implement their deployment, control their good applicability, and follow the corresponding action plans
- Manage the projects of the 'Center'
- Perform the Cybersecurity watch related to the 'Center'
- Contribute to the evolution of the CSMS (CyberSecurity Management System), including CSMS-I (for Information Systems) and CSMS-V (for Vehicle & Product)
- Ensure the associated training and communication, and contribute to develop the Cybersecurity mindset within the company

**Responsibilities**

***Accountability**:

- _
- _ _ _Manage the dedicated team_
- Manage the careers
- Enhance team efficiency
- Ensure upstream and downstream communication
- Perform day-to-day management
- _
- _ _ _Define/update the processes of the 'Center', implement their deployment, control their good applicability, and follow the corresponding action plans_
- Define/update the corresponding processes
In terms of organization, methodology, tools, reporting, continuous improvement
- In accordance with Valeo CSMS, including CSMS-I and CSMS-V, Cybersecurity standards, regulations, best practices and/or needs, Valeo environment (organization, evolutions, methodology, tools)
- Manage internal documentation to ensure processes are well documented
- Implement and deploy the processes taking into account Valeo organization
Provide the training supports and train the relevant actors
- Coordinate the relevant actors to reach the aims of the 'Center'
- Create control tools when needed and control:

The appropriate usage of the 'Center' tools
- The respect of the methodologies
- The accuracy of the end-users reporting
- Follow the different action plans related to the 'Center'
- Provide the expected KPIs
- Enhance the processes in a continuous improvement strategy
- _
- _ _ _Manage the projects of the 'Center'_
- Study the market to know the different solutions in relation with the 'Center'
- Write the RFPs (Request For Proposal) and analyze the answers
- Suggest which supplier/solution to choose in coordination with the other departments
- Manage the project(s) to implement the solution(s) within Valeo IS:

Organization (team, governance )
- Planning
- Committees
- Implementation of the chosen solution(s)/tool(s)
- Reporting
- Manage the third parties (suppliers, partners)
- _
- _ _ _Perform the Cybersecurity watch related to the 'Center'_
- Continuously learn all topics related to the 'Center' (law and regulatory requirements, standards, best practices, solutions ) and share the major points within the Cybersecurity organization
- Raise to the management and to the Cybersecurity 'Center' team any critical or major change in the standards/regulations or technical requirements linked to the 'Center'
- Cultivate relations with external actors working in a similar activity
- _
- _ _ _Ensure the associated training and communication, and contribute to develop the Cybersecurity mindset within the company_
- Answer to questions related to the 'Center' during audits (internal, external, client...)
- Whenever needed, train, communicate, and provide support to the teams so that they respect the Valeo CSMS, including CSMS-I and CSMS-V, the standards and/or the regulatory requirements related to the 'Center'
- Respond to requests from the various Valeo entities

** **Responsibility**:

- _
- _ _ _Define the organization among the 'Center'_
- Define the organizational and technical measures to be implemented to achieve the objectives of the Cybersecurity 'Center', and submit it for approval to the Group Cybersecurity VP
- _
- _ _ _Manage the dedicated team_
- Recruit team members
- _
- _ _ _Define/update the processes of the 'Center', implement their deployment, control their good applicability, and follow the corresponding action plans_
- Based on the Valeo CSMS, including CSMS-I and CSMS-V, requirements, write the Cybersecurity rules related to the ‘'Center'’
- Industrialize the way to provide the KPI of the 'Center'

** **Contribution**:

- _
- _ _ _Contribute to the evolution of the CSMS (CyberSecurity Management System), including CSMS-I (for Information Systems) and CSMS-V (for Vehicle & Product)_
- Based on the 'Center' activity and specific needs/constraints, suggest improvement of the Valeo CSMS, including CSMS-I and CSMS-V
- Request the authorization to have an exemption to the Valeo CSMS, including CSMS-I and CSMS-V, whenever it is mandatory to fulfill a law/regulation linked to the 'Center' activity
- _
- _ _ _Ensure the associated training and communication, and contribute to develop the Cybersecurity mindset within the company_
- Promote Cybersecurity within the company
- Contribute to improving the level of Cybersecurity maturity within Valeo
- _
- _ _ _Other_
- Contribute to