Security Governance and Compliance Manager F / M
Apply Now Publish Date Jun. 27, 2022 Location Suresnes France, Valence France Company WorldLine
The role sits in the TSS business line, in Valence (France) or Suresnes (near Paris), attached to the Global Solution Development Head of Security.
The open position is to manage one branch of the security team. This branch is focusing on the following aspects :
Global security governance for Terminal security in relation with the R&D, the security champions in regions,
Supervision of the development of the Trusted Applications (also named Security Schemes) and the operation of secret key management solutions,
Supervision of some of the infrastructures associated to the terminal manufacturing or repair (Public Key Infrastructure for instance, Remote key injection systems),
Architecture of security solutions (such as remote key injection solutions, CodeSigning solutions) and management of sensitive assets.
The security governance and compliance manager will animate a team of security experts and focus on the following topics :
Governance :
Ensure security governance within the Global Solution Development entity
Maintain and distribute the related security policies
Define security rules and policies to access or provide access to security tools and related sensitive assets, follow-up their distribution and deployment to support Ingenico's and customers' solutions
Animate a team of experts working on various topics.
Compliance :
Maintain security compliance and certification of the centrally managed solutions and tools
Monitor the standard changes and work with R&D teams to ensure compliance level according to standard evolutions
Prepare and execute audits with QPAs and QSAs and support regions relying on centrally provided tools and solutions in their own audits
Key Management :
Ensure key management operations (local and remote key distribution of manufacturer and customers' keys) and define related policies and processes.
Ensure certification of key management processes and solutions (e.g. PCI PIN and PCI P2PE)
Define, operate and maintain Public Key Infrastructures
Architecture :
Support teams from the Global Solutions Development entity in their solutions security architecture and propose options to fit their needs
Improve centrally managed offer in order to limit specific local solutions in regions
Security Support :
Support all TSS entities worldwide on their security requests related to GSD solutions and cryptographic questions
Support GSD security risk management activities
You have a Master degree completed with 7 years minimum in information security in an international company.
You have a real organization commitment, business sensitiveness, tranversal management skills, process orientation and ability to work in a team.
PCI SSC standards knowledge but also fluency in English and French are required.
Apply Now
