International Olympic Committee
Description de l'offre
The IOC is seeking a Cybersecurity Architect. Based in Lausanne, Switzerland, the Cybersecurity Architect will be responsible for ensuring that cybersecurity best practices are deployed and maintained across the organisation.
The right candidate will have a broad range of cyber and IT security related experience. Whilst the role is not ‘hands on’ from a technical perspective, it will require liaising with IT operations, network team, SOC, and other third parties. A technical background, and the ability to articulate security topics to both a technical and non-technical audience, is a must.
This is an exciting opportunity to work with an extremely high profile, international organisation.
- Ensure adequate cybersecurity measures are in place to protect the Organisation against cyber threats.
- Advise and support IT security processes across the Organisation.
- Support IOC business departments in achieving adequate security posture in their day to day activities and for their provided services.
The Cybersecurity Architec is responsible for designing, implementing when necessary and testing security controls and systems. This is to ensure cybersecurity is adhered across the Organisation to protect IOC’s information and information systems. The primary responsibilities the Cybersecurity Architec will include, but not be limited to:
– Responsible for designing, implementing when needed and testing security controls and systems in line with IOC business and threat context.
– Defining and maintaining IT security standards and procedures in line with common practices and Organisation requirements.
– Ensuring « Security by Design » of IOC projects by:
– Identifying security requirements and appropriate security measures.
– Following-up on security measures implementation and effectiveness before project go-live.
– On-going periodical review on current security measures for existing business services, recommending and implementing enhancements when needed.
– Continuously update security systems to address current threats and technology evolutions.
– Actively support IOC lead technology and IT security strategy including where possible elements of innovation.
Consulting & Advice
– – Support cyber security and counter-surveillance security needs of IOC departments.
– Support DTI from a cyber security perspective in their activities.
– Act as a subject matter expert to support key stakeholders including the Chief Security Officer, the Data Protection Officer (DPO), the DTI Director and other IOC Leadership as needed. Special focus will need to be given to the Office of the IOC President, the Office of the IOC Director General, the Ethics and Compliance Office, and other critical and sensitive functions of the IOC.
– Support DTI in the adoption of the NIST Framework for improving Critical Infrastructure Cybersecurity and in deploying an Information Security Management framework based on ISO/27001.
– Engage with appropriate DTI resources to address new IT and cyber security needs that may be identified.
– Manage the ongoing process of vulnerability management.
– Conduct in-depth security risk & threat assessment for new and existing product & solutions in order to help identify weaknesses or security exposures.
– Ensuring vulnerability management processes are effective.
– Support vulnerability management remediation including the support for patch management processes.
– Responsible for the relationship between the IOC and the managed security service provider.
– Refining and testing the IOC incident response process.
– Support the IOC cyber incident response lead for significant incidents, and act as subject matter expert as needed when smaller incidents are dealt with by onsite teams.
– Staying abreast of developments in cyber security.
– Ensuring the technologies, the IOC uses remain suitable and consistent with the organisations risk appetite and working practises.
– Dealing with other cyber security related challenges that may arise.
Education; language and IT competences
• Higher education qualification or equivalent (master’s/bachelor’s degree, Federal diploma, etc.) or equivalent professional experience in relevant topic
• A minimum of 5 years’ experience in the field of corporate IT security or cybersecurity
• Desirable background in information security Management or IT Audit related role
• Experience in supporting information security related incident and crisis management.
• Proven knowledge of information security related standards and regulations, such as NIST Cybersecurity Framework, ISO/IEC 27001, 22301, or Data Privacy Legislation
• Security certification desirable: CISM, CISSP/CISA or equivalent
• Fluent in English with good written and verbal skills in the French is advantages.
• Ability to communicate with, and write for, both a technical and non-technical audience
• Ability to work effectively and diplomatically in a dynamic, international, multicultural environment
• Ability in operating with a high level of autonomy and manage others to ensure delivery to agreed timescales.
• Excellent knowledge of modern Windows and Office 365 environment, along with technical security background
• Range of technical experience necessary, ideally having previously been used in a security context
The International Olympic Committee is a not-for-profit independent organisation committed to building a better world through sport. By joining us, you become part of the Olympic Movement. You will have the opportunity to work in an international and flexible environment with people of more than 50 nationalities.
Pour postuler à cette offre, veuillez visiter career2.successfactors.eu.