1. Home
  2. IT development
  3. Regional Infosec Officer - Americas M/F

Offers “STMicroelectronics”

Expires soon
STMicroelectronics

Regional Infosec Officer - Americas M/F

  • Internship
  • Clare (Suffolk)
  • IT development
Apply Now

Job description



General information

 KEY INFORMATION:

  Location:  Americas, United states, Santa Clara

Type of contract: Regular

Job open date: 08/05/2020

Company department:  Risk Management and Information Security

 

 STMicroelectronics is a leading semiconductor company, a world key player thanks to our 43,200 employees including 8,300 working in R&D.

 ST’s products are found everywhere today. And together with our customers, we are enabling smarter driving, homes, factories, and cities, along with the next generation of mobile and Internet of Things devices. Everywhere microelectronics makes a positive contribution to people lives, ST is there.

 In 2018, we were ranked by the Randstad Employer Brand Research Award among the 5 most attractive companies in France, for our values of excellence, our integrity and the respect of our employees.

 

 POSTING PRESENTATION:

The purpose of the job is to ensure that the ST information security framework is deployed in the Americas region, with the objectives that information security risks are known and managed appropriately.
The risks considered are those affecting the Confidentiality, Integrity and Availability of Company data hosted on computer systems (servers, PCs, mobiles, IT applications, SaaS…) and the cyber-attacks against industrial devices used for Company business.
Main activities:
InfoSec assurance in the region
Coach/support the local contacts in the region to ensure the following:
Regular reviews are performed to detect gaps at the site Vs. the InfoSec framework
The site InfoSec risks logs are built and maintained
The site InfoSec survey is executed
The InfoSec posture of the site is reported regularly to the site management team (risk log, status of actions…)
Security of local IT solutions / industrial solutions, site services (such as physical security, facilities and canteen systems), labs and warehouses is appropriately taken into account

InfoSec governance in the region
Run regular network conferences with the local contacts in the region
Promote best practices among the sites
Define and perform the annual site visit plan
Ensure that security-related data available in central (awareness, malware, exceptions…) are made available to site contacts, as per needs
Assist stakeholders in answering InfoSec-related questionnaires raised by customers or third-parties
Maintain the InfoSec dashboard of the region
Security incident management
Manage the InfoSec incidents which require direct involvement of regional InfoSec
Ensure, with sites, that InfoSec incidents and anomalies in the region are timely and adequately treated, in sync with the CSIRT
Identify recurring incidents or anomalies that may indicate a need to address the root cause to avoid reoccurrence
Site InfoSec survey
Run the site InfoSec survey in the region
Analyze answers from the sites to identity common weaknesses / misses / strengths / opportunities
InfoSec day to day operations
Review and approve/reject security exception requests in the region, whenever required by process
Review and approve/reject requests (including those in Flow) in the region which require regional InfoSec officer approval
Maintain the repository of security exception requests and ensure re-certification as per process
IT contingency plans / DRP
Review the site IT DRP, assess their quality and provide recommendations for further improvements
Global InfoSec governance support
Participate actively to the continuous improvement of the information security framework and its implementation
As directed by the head of InfoSec governance, improve the tooling / processes / documentation from Regional InfoSec

 

PROFILE REQUIRED:

·    This position is for a cyber-security professional with at least 6-10 years of experience covering several domains of information security.
Ability to cover the entire scope of information security
Expertise in several domains of cyber security (such as network, system, application, incident management, awareness, vulnerability management, audit and risk assessment…)
Experience in delivering security training and briefing sessions with management
Ability to interact with people at all levels of the organization
Experience of leading virtual teams
Excellent facilitation, communication and influence skills
Ability to treat several topics in parallel, to "clarify the unknown", to translate technical aspects into risks and to communicate on those risks
Ability to consider short-term as well as longer term actions and to anticipate.
Trustworthy and Rigorous.
High level of autonomy and pro-activity

- Bachelor or Master in information security or equivalent
- Security certification is a plus (CISSP, CISM…)
- English is a must
- Experience working with non-native English speakers is a plus
- Experience working in an international environment is a plus
 This position requires regular travels in the region and occasional travels in ST worldwide

·   4 - Bachelor degree
·   6-10 years

 

CONTACT & APPLY FORM:

  Learn more about STMicroelectronics on: www.st.com

And ask you questions:

·  LinkedIn : STMicroelectronics
·   Facebook : STMicroelectronics

Make every future a success.
  • Job directory
  • Business directory
    •