Industrial CyberSecurity Manager

Position: Industrial CyberSecurity Manager

Organization

▪ Function: CyberSecurity

▪ Country: France

▪ Location: Paris

▪ Supervisor: Group CyberSecurity Director

Context

▪ The compagny faces emerging cyber threats with substantial impacts on its industrial activities encompassing

operational, financial, reputational, compliance, and even safety concerns.

▪ The CyberSecurity department is reinforcing its team with a resource dedicated to the Industrial Cybersecurity

Risk

Purpose

▪ She/he is the dedicated CyberSecurity partner of the Compagny industrial Community.

▪ She/he define and implement the Industrial Cybersecurity strategy within Compagny Factories

▪ She/He manages the Industrial Cyber Correspondents community and raises their awareness level.

▪ She/he manage communication and improvement plans within factories in coordination with Cyber

Correspondents

▪ She/he defines and implements Rules & Policies dedicated to Industrial Cybersecurity.

▪ She/he ensures, through audits, the level of protection and the cyber resilience level of our factories.

▪ She/he participates to the industrial CyberSecurity Incident management process

▪ She/he defines and manages and report Industrial Cybersecurity KPIs for her/his whole activity

Areas of responsibility

▪ Management & Reporting

o Provide a leadership role in the supervision of the CyberSecurity risks applied to the compagny industrial activities, in relationship with national authorities and regulatory bodies

o Manage the Industrial CyberSecurity Correspondents and its Community

o Regular report to the Industrial ExCom on the current cyber threat level, the compagny maturity levels, the

Industrial CyberSecurity Program progress, the different KPIs and the incidents/crisis managed

▪ Strategy & Program

o Define the Industrial CyberSecurity strategy in alignment with The compagny CyberSecurity strategy and regulations.

o Ensure the deployment of this strategy thanks to Industry 4.0 Program

o Steer the budget and resources related to the Industrial Program

o Lead deployment projects for industrial cybersecurity tools and solutions.

▪ Policy & Awareness

o Define the Industrial CyberSecurity Policies, Charters and Guidelines

o Design and deliver training and awareness sessions on industrial cybersecurity.

o Ensure deployment and continuous improvement of the Policies, leveraging an Industrial CyberSecurity

Correspondent network within the compagny factories

o Control the effective deployment of the Policies and manage Security Exceptions

o Communicate on best practices, processes, solutions and standards

o Increase Cyber awareness and culture through different format of training programs

▪ Respond & Recover

o Provide operational support to industrial sites for incident management and the implementation of action plans.

o Steer the prevention, protection, monitoring, detection and Incident Response activities in industrial

environment

o Contribute to the Industrial Cybersecurity Crisis Management processes

o Contribute to the definition of the Industrial Continuity Plan and Disaster Recovery Plan

▪ Continuous Improvement

o Ensure progressive increase of the Compagny security maturity levels

o Ensure the operational maintenance and security maintenance of dedicated industrial cybersecurity solutions

2/2 and manage the resources responsible for these activities.

o Provide CyberSecurity Requirements in industrial projects conducted by The compagny units or Business Group

o Perform regular efficiency and compliance assessment on industrial systems

o Conduct technological and regulatory watch on industrial threats and solutions.

o Coordinate and monitor mitigation plan execution

o Perform CyberSecurity market watch

Expected results

▪ A communicated and recognized Industrial CyberSecurity strategy implemented in The compagny Factories

▪ An increased level of protection of our Industrial Assets

▪ An improved Cyber Resilience level of our factories

▪ An efficient CyberSecurity Incident management response process

▪ A living Industrial Cyber Correspondents Community with an improved awareness level

Position sizing

▪ Industrial CyberSecurity Manager with functional report within the team and from our providers

Required skills and qualifications

▪ In-depth knowledge of security concepts in industrial environment

▪ Project Management skills

▪ Communication and leadership skills

▪ Advanced English

▪ Excellent analytical and problem-solving skills

▪ Master’s Degree in major business school or engineering school or top-class University

▪ A plus would be certifications related to CyberSecurity or Information Security (ISO 24392/CEI 62443, CISSP,

CISM, or equivalent