Skip to main content

Senior Associate Information Security, Global Security Office

Posted: 25 Jun 2021 Closes: 25 Jul 2021
London, United Kingdom Competitive
Permanent & Full-time 1885034400

Company Description

Publicis Groupe is one of the world's leading communications groups.

The Groupe offers a full range of services and skills: digital, advertising, public affairs, corporate communications and events, media strategy, planning and buying, healthcare communications, and brand asset production. The company is present in 108 countries and employs in excess of 77,000 professionals. In 2015 the company had a revenue of EUR 9.6B and net income of EUR 901MM.

Re:Sources provide shared services to Publicis Groupe agencies including IT, Global Security, Finance, Legal, Treasury, Procurement, Property Services, HR, Payroll and Tax. They operate 40 SSCs across the globe supporting 63 markets and have approx. 4,000 employees.

Job Description

This position is an active member of the Global Security Office (GSO), the security organization of Publicis Groupe under Re:Sources, responsible for supporting security compliance activities globally to Groupe agencies. This position supports security requirements of Publicis Groupe, it's agencies, and ensures the success of business by working collaboratively with internal and external stakeholders. This position also coordinates dependencies across the disciplines and organization to understand and address the ever-changing security landscape and security-related business requirements. This position reports into the Manager, Information Security.

The responsibilities associated with the position are as follows:
  • Contributes to the broad range of global initiatives as guided by the Leadership of the Global Security Office team.
  • Perform Security risk assessments of Projects and Suppliers using security risk assessment methodology.
  • Serves as a consultant on administrative, physical and technical security controls required for security compliance. Coordinates the implementation of security controls.
  • Perform Security risk assessment and Security architecture review of cloud solutions.
  • Reviews the client security requirements e.g. security terms in Master Services Agreements (MSAs), Statement of Work (SOW), etc. and ensures those requirements can be met by Publicis Groupe agencies through implementation of security controls.
  • Participates in client security discussions on contractual requirements and ensures a common understanding of the security controls required to protect the client information and other compliance requirements.
  • Responds to client security questionnaires, requests for proposal/information, annual compliance reviews, and attends client meetings.
  • Participates in internal and external security audits. Supports the Publicis Groupe agencies by managing the client-sponsored audits. Serves as the focal point of internal, external and customer security audit requests and testing.
  • Coordinates evidence production on request, coordinates availability of resources and systems, and ensures readiness for each audit cycle.
  • Provides support to Publicis Groupe agencies on security compliance topics such as ISO 27001 certification, and partners on certification / attestation initiatives as determined by business needs from time to time.
  • Maintains awareness of the current industry environment that shapes opportunities for client solutions (i.e. news events, trends, mergers, etc.).
ESSENTIAL JOB REQUIREMENTS:
  • Partner with agencies to address their clients' security requirements.
  • Promote business partnerships regarding compliance risk issues with internal and external stakeholders.
  • Maintain a support role in information security implementation. Implement improvement program for security compliance processes.
  • Demonstrate communication skills regarding essential security risk and compliance concepts, processes, and procedures and their impact on IT and business processes.
  • Demonstrate interpersonal, presentation, and relationship skills required for supporting the internal and external customers.
  • Language skills (oral, written and listening) : English and French
OTHER JOB REQUIREMENTS:
  • Good communication and presentation skills.
  • Ability to work effectively and collaboratively with stakeholders.
  • Willingness to work with geographically dispersed teams; may involve working during non-business hours occasionally to accommodate time-zone differences.
  • Travel: This position will periodically visit other offices; may require domestic or international travel.

Qualifications

Education & Certifications
  • Degree from an accredited University, preferably in Computer Science, Information Systems, or a related field; relevant working IT or security experience considered. Education and experience should also include auditing and/or operational risk management exposure.
  • Security certification such as ISMS Lead Auditor, ISMS Lead Implementer, CISA, CISM, CISSP or CRISC strongly preferred.
Experience
  • At least 3+ years of IT and / or information security-related experience, audit, risk or compliance experience.
  • Familiarity with general information security controls, processes and principles.
  • Experience in managing an ISMS (ISO 27001) implementation.
  • Exposure to other standards like SOX, SSAE 16, PCI:DSS.
Core Competencies
  • Team Work
  • Communication
  • Results Driven
  • Customer Focus
  • Relationships
  • Adaptability to Change
  • Continuous Improvement
Technical Competencies
  • Security Audits
  • Security Risk Assessments
  • ISO 27001 implementation
  • Security Documentation
If you would like help and advice about applying for this role please visit the Career Hive

Share Job

If you would like help and advice about applying for this role please visit the Career Hive