Your qualifications required

• Operate the “CISO Release Management” service for all development executed by CISO on CISO assets ensuring best practices are applied for smooth transition into (pre) production environment.  
  
  
  
  • Identify, collect and bundle where appropriate CISO change items into collections of release items, verifying their compatibility & assessing their impact on the target environment;
  
  
  • Build and maintain high level and detailed CISO releases planning;
  
  
  • Perform a quality assessment of the changes through the production acceptance criteria, incl. operational readiness, security and compliance;
  
  
  • Monitor and report risks associated with non-compliance to the System Delivery Life Cycle (SDLC); 
  
  
  • Prepare reporting on planned releases, highlighting residual risks and related mitigation actions to obtain the adequate endorsement; 
  
  
  • Follow-up on remediation in case of conditional authorization;
  
  
  • In case of incidents (during the launch phase or just after), coordinate root cause analysis, support teams in charge of the resolution of those gaps, and if applicable, define & implement mitigations to prevent any new occurrence of similar issue in the future.
  
  


• Provide support when SDLC (System Delivery Life Cycle) IT controls  fail, and ensure an adequate follow-up until the full remediation (limited to “ Manage Change  Acceptance & Transitioning” process).


• Reinforce the usage of good practices
  
  
  
  • Be an evangelist within CISO and with other communities in charge of release (Change Managers, Product owners, Test leads,…), to ensure the awareness and the right understanding;
  
  


• Act as a contact point for CISO resources needing guidance an help on release practices.


• Drive and execute small to large-scale initiatives aimed at addressing identified gaps or weaknesses within our domain, ensuring alignment with organizational standards and objectives.

Skills

To strengthen our team, we are looking for a candidate with experience in the following areas:

• Good knowledge to system and software development and testing security guidelines; 
  Our IT solutions refer to cloud and on-premises solutions including mainframe and virtual or physical distributed systems;


• Familiarity with methodologies such as Agile, DevOps, and CI/CD practices, with an appetite for learning and adapting to new approaches;


• Good understanding to various information security and cyber domains particularly identity and access management, certificate management, network security and data protection;


• Ability to build up an overarching while detecting potential pain points, and to draw conclusion and priorities;


• Ability to build clear and concise report supporting decision making;


• Team player with strong communication skills, collaborative spirit, being able to discuss, defend and translate risk topics with both senior business people as with deep technical IT experts;


• Independent, service-oriented and organized.


• Able to operate within an international/multi-cultural, networked environment;


• Fluent in English (speaking and writing).

#LI-NS1