Director of Information Security, SPS
Professional, Engineer & Manager
The individual in this position will deploy Safran Group standards and define the applicable Information Systems security policy for Safran Passenger Solutions, ensuring that it is implemented throughout all of the businesses. This individual has ultimate responsibility for information systems and functions within an organization and may serve as a key member of the executive team. This individual will serve as the lead in advising, support, information, training and alert capacities and may intervene directly in all or part of the IT and telecom systems within their professional scope. This position will report hard-line to (Safran CISO) and dotted line to Information Systems Director.
Essential Duties and Responsibilities
- • Definition of security policy:
o Defines and implements procedures linked to IS security
o Contributes to the organization of the company and to its security policy
- • Risk analysis:
o Assesses resources, ensuring their security and proper use
o Establishes the prevention plan
- • Introduction and training on security issues:
o Trains the operational departments and businesses
o Participates in drawing up the company's security charter
o Ensures the promotion of the IT security charter among users
- • Studies of resources and recommendations:
o Defines security standards
- • Audits and inspections:
o Audits how vulnerable the company is
o Launches crisis units in case of IS security incidents
- • Monitoring of existing and potential technology:
o Monitors developments necessary to ensure data and physical security of the IS in its entirety
- • Deliverables:
o Results of internal security audits
o Results of audits imposed by legislation (for instance SOX)
o Reporting and management charts for IS security Other duties as assigned
o Ongoing security of SPS information systems
- • KPIs
o Measurement of the level of compliance with security policy by users.
To perform the job successfully, an individual should demonstrate the following competencies:
Technology Trend Monitoring - Investigates latest ICT technological developments to establish understanding of evolving technologies. Devises innovative solutions for integration of new technology into existing products, applications or services or for the creation of new solutions.
Innovating - Devises creative solutions for the provision of new concepts, ideas, products or services.
Interpersonal Skills - Approaches others in a tactful manner; Reacts well under pressure; Focuses on solving conflict, not blaming; Maintains confidentiality; Listens to others without interrupting; Keeps emotions under control; Remains open to others' ideas and tries new things.
Communication Skills - Speaks clearly and persuasively in positive or negative situations; Listens and gets clarification; Responds well to questions; Demonstrates group presentation skills; Writes clearly and informatively; Edits work for spelling and grammar; Varies writing style to meet needs; Presents numerical data effectively; Able to read and interpret written information..
Business Acumen - Understands business implications of decisions; Displays orientation to profitability; Aligns work with strategic goals.
Ethics - Strong work ethic and integrity.
Judgment - Displays willingness to make decisions; Exhibits sound and accurate judgment; Supports and explains reasoning for decisions; Includes appropriate people in decision-making process; Makes timely decisions.
Adaptability - Adapts to changes in the work environment; Manages competing
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education and/or Experience – BA or BS degree in Computer Science, Information Technology, Engineering or related discipline. Minimum 10 years related experience, including management of IT systems, or large company-wide projects. Systems security management of large organizations in a national and international environment preferred. Experience in the aerospace industry a definite plus. IT experience in security field. Necessary expertise in all areas of the Information Systems; high awareness of all users of the IS (internal clients) to data security; need understanding and consideration of security in the evolution of uses and behaviors (social networks, USB, social engineering).
Language Skills -. Effective verbal and written communication and presentation skills required; interpersonal skills working across the organization with various levels of personnel is essential.
Mathematical Skills - Ability to work with mathematical concepts such as probability and statistical inference, and fundamentals of plane and solid geometry and trigonometry. Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations.
Reasoning Ability - Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form.
Relationship Management - Establishes and maintains positive business relationships between stakeholders (internal or external) deploying and complying with organizational processes. Maintains regular communication with customer/ partner/ supplier, and addresses needs through empathy with their environment and managing supply chain communications. Ensures that stakeholder needs, concerns or complaints are understood and addressed in accordance with organizational policy. Contributes to building a positive team spirit; Puts success of team above own interests; Able to build morale and group commitments to goals and objectives; Supports everyone's efforts to succeed.
Information Security Management - Implements information security policy. Monitors and takes action against intrusion, fraud and security breaches or leaks. Ensures that security risks are analyzed and managed with respect to Enterprise data and information. Reviews security incidents, makes recommendations for security policy and strategy to ensure Continuous improvement of security provision.
IS Governance - Defines, deploys and controls the management of information Systems in line with business imperatives. Takes into account all internal and external parameters such as legislation and industry standard compliance to influence risk management and resource deployment to achieve balanced business benefit.
Specificity of the job
Must be able to travel to US sites and internationally, as needed.
Safran is an international high-technology group, operating in the aircraft propulsion and equipment, space and defense markets. Safran has a global presence, with more than 92,000 employees and sales of 21 billion euros in 2018. Working alone or in partnership, Safran holds world or European leadership positions in its core markets. Safran undertakes Research & Development programs to meet fast-changing market requirements, with total R&D expenditures of around 1.5 billion euros in 2018.
Safran is ranked among the Top 100 Global Innovators by Thomson Reuters and is featured on the "Happy at work" rankings. The Group places fourth on the Universum ranking for the favorite companies of newly-qualified engineers in France.
Corporate Security OfficerPublished on 08/02/2019Carson , United States Regular Full time Data management and IT
Systems Administrator IPublished on 10/18/2019Brea, United States Regular Full time Data management and IT
Sr. SAP AnalystPublished on 09/19/2019Costa Mesa, United States Regular Full time Data management and IT