Cybersecurity Risk Modelling Expert

Job description

About Atos

Atos is a global leader in digital transformation with over 110,000 employees in 73 countries and annual revenue of over € 11 billion. European number one in Cloud, Cybersecurity and High-Performance Computing, the Group provides end-to-end Orchestrated Hybrid Cloud, Big Data, Business Applications and Digital Workplace solutions. The group is the Worldwide Information Technology Partner for the Olympic & Paralympic Games and operates under the brands Atos, Atos Syntel, and Unify. Atos is a SE (Societas Europaea), listed on the CAC40 Paris stock index.

The purpose of Atos is to help design the future of the information technology space. Its expertise and services support the development of knowledge, education as well as multicultural and pluralistic approaches to research that contribute to scientific and technological excellence. Across the world, the group enables its customers, employees and collaborators, and members of societies at large to live, work and develop sustainably and confidently in the information technology space.

 

You will be responsible for: 

·  Providing comprehensive cyber security risk assessment and reporting services to customers, sometimes as part of pre-audit, or aligned with cyber security risk assessment maturity level at customer’s organization
·  Assessment and mitigation cyber security threats/risks, validation system security requirements definition and analysis, elaboration application security documentation
·  assistance with the implementation of security procedures; verification of information system security requirements, performing of information system certification and accreditation, planning, testing, assessing and liaison activities
·  Reviewing security architectural documentation standards and providing architectural cyber security features and relate existing system to future needs and trends and requirements.
·  With regard to FAIR methodology:
·  Formulation, execution and management of standardized and custom FAIR risk quantification analyses, Enterprise risk quantification requirements identification and management,
·  Development, application and maintenance of FAIR-based models, standard analysis scenarios and risk quantification tools/techniques
·  Formulation, execution and management of risk quantification data strategies and associated technical platform development
·  Identifying vulnerabilities in applications and infrastructure and translating them into risks to customer’s business
·  Elaborating or implementing other than FAIR, or customer-specific quantitative cyber security risk assessment methodology to customer’s risk organization unit
·  Providing advisory or risk opinion on risk identification and treatment
·  Work based on international standards using state-of-the-art tools Vose Software, FAIR, AIE approach, etc.
·  Identification of internal and external primary/secondary loss, threat event and susceptibility data/information
·  Formulation of the bid, execution and management of a dedicated risk quantification engagement
·  Facilitation of risk quantification meetings and working group sessions both for Atos and customer’s teams

 

Essential skills and competencies:

·  Master's degree in Computer Science, Engineering, Risk assessment, Insurance, or related field or equivalent work experience.
·  More than 5 years’ experience in significant risk quantification and/or risk management projects 
·  Familiarity with/experience using FAIR Institute, Operational Risk/Operational Loss/LOB experience at a Financial Institution, Application Information Economics (AIE), OWASP, NIST, OCTAVE, PCI DSS Risk Assessment Guidelines
·  Threat Modeling and/or Rapid Threat Assessment development experience
·  Holder one of the following certificates: FAIR, AIE Analyst level 1/2, RIMAP, CISSP, CRISC, CISA, CRMA, CGEIT, CISM, ISO 27001, CISRA (Certified Information Security Risk Assessor), CPISI (Certified Payment Card Industry Security Implementer) certification or equivalent.
·  Practical knowledge of ModelRisk, Tamara, @Risk, FAIR or other quantitative risk assessment software,
·  Strong subject matter expertise in risk quantification, management, governance and development of risk limits, risk models  
·  Fluent English is a must, Intermediate or Fluent German or French is a great plus
·  International mobility to serve our global clients and work with our global clients (50-100%) Europe or other continents
·  EU work permit is a must, US visa is a plus
·  UK Security Clearance or UK citizenship – is a big plus

 

What we offer:

·  Work for an organization holding the "Best Place to Work" title
·  Competitive salary package (including bonuses)
·  Private medical care and life insurance
·  Benefit program (including Multisport card)
·  German and English language courses
·  Participation in the international challenging IT activities along with opportunity of implementing own ideas and improvements
·  Internal and external technology trainings
·  Access to our knowledge library and interdisciplinary IT e-learning portals

 

Here at Atos, we want all of our employees to feel valued, appreciated, and free to be who they are at work. Our employee lifecycle processes are designed to prevent discrimination against our people regardless of gender identity or expression, sexual orientation, religion, ethnicity, age, neurodiversity, disability status, citizenship, or any other aspect which makes them unique. Across the globe, we have created a variety of programs to embed our Atos culture of inclusivity, and work hard to ensure that all of our employees have an equal opportunity to contribute and feel that they are exactly where they belong.