Regional Cybersecurity Officer

Mission

In charge of Cybersecurity of one or several countries or one subsidiary ('Region'):
Act as the Cybersecurity point of contact for the 'Region' Functionally manage the Sites Cybersecurity Officers Deploy the Valeo ISSP (Information Systems Security Policy) within the 'Region', assess and improvethe level of Cybersecurity of the different sites Coordinate the Cybersecurity incidents in the 'Region' Provide reporting of the 'Region' Contribute to the evolution of the Valeo ISSP (Information Systems Security Policy) and some GroupCybersecurity programs. Upon request, act as Group CISO (Chief Information Security Officer) delegate to perform some specific missions.

Responsibilities :

Accountability

•  Act as the Cybersecurity point of contact for the 'Region'

 For the Group CISO (Chief Information Security Officer) and the Cybersecurity organization

 For the legal representatives

 For the customers

 For the partners and suppliers

•  Functionally manage the Sites Cybersecurity Officers

 Organize and lead the regular Cybersecurity meetings with the Sites Cybersecurity Officers of

the 'Region'

 Relay the Cybersecurity communications and actions to the Sites Cybersecurity Officers of the

'Region'

 Coordinate the translations performed by the Sites Cybersecurity Officers regarding the

Cybersecurity communications, eLearning, TIPs...

•  Deploy the Valeo ISSP (Information Systems Security Policy) within the 'Region', assess and improve

the level of Cybersecurity of the different sites

 Disseminate Group standards, rules and best practices to the Sites Cybersecurity Officers

 Control and validate the Valeo ISSP compliance for all the sites of the 'Region'. If mandated by

the Group CISO, act as delegate to provide exemptions. Alert Sites Cybersecurity

Officers/Group CISO in case of deviation

 Manage the Cybersecurity action plans of the 'Region'

•  Coordinate the Cybersecurity incidents in the 'Region'

 Ensure capitalization within the 'Region' following Cybersecurity events and incidents

•  Provide reporting of the 'Region'

 Provide regular and on-demand reporting to the Group

 Follow and report the OEMs Cybersecurity requirements of the 'Region'

•  Contribute to the evolution of the Valeo ISSP (Information Systems Security Policy) and some Group

Cybersecurity programs

•  Upon request, act as Group CISO (Chief Information Security Officer) delegate to perform some specific

missions

Responsibility

•  Act as the Cybersecurity point of contact for the 'Region'

 Participate to the external security assessments (customer mandated audit) and act as delegate

of Group CISO

•  Functionally manage the Sites Cybersecurity Officers

 Develop knowledge of the Sites Cybersecurity Officers

 Manage their training

•  Deploy the Valeo ISSP (Information Systems Security Policy) within the 'Region', assess and improve

the level of Cybersecurity of the different sites

 Define and follow improvement plans with the Sites Cybersecurity Officers

 Perform or control, by Group CISO delegation, risk assessments for, but not limited to, projects,

sites, third parties

•  Coordinate the Cybersecurity incidents in the 'Region'

 Ensure that all non-compliances, abnormal Cybersecurity events, and Cybersecurity incidents

are raised by the Sites Cybersecurity Officers

 Ensure swift resolution of Cybersecurity incidents with the Sites Cybersecurity Officers and the

Group CIRT (Cybersecurity Incident Response Team)

•  Provide the reporting of the 'Region'

 Inform the Continental IS Director(s) of the 'Region' for all aspects related to Cybersecurity

non-classified as 'Secret'

 Request the authorization to have an exemption to the Valeo ISSP whenever it is mandatory to

fulfill a law/regulation linked to the 'Region' activity

•  Others

 Upon request, act as Group CISO delegate to perform some specific missions

 Act as internal Cybersecurity risk auditor for the other 'Regions'

Contribution

•  Contribute to the evolution of the Valeo ISSP (Information Systems Security Policy) and some Group

Cybersecurity programs

 Contribute to Group Cybersecurity programs

 Propose, to Group CISO, initiatives to improve:

 Cybersecurity of the 'Region'

 Valeo ISSP, Group standards and rules

 Cybersecurity KPIs

Experience Required

•  Above 10 years of relevant experience in Cybersecurity
•  Worked in an international company in a multicultural environment.
•  Knowledge and experience linked to Cybersecurity standards (ISO 2700x, NIST, NIS)
•  Knowledge and experience in technical topics such as malware, patch management, firewalling
•  Other infrastructure / network / system / database / application experience
•  Team management experience