The IT Security Process Specialist is responsible for designing, implementing, and maintaining security processes that ensure the protection of the company's information systems. This role focuses on developing governance frameworks, improving operational security workflows, and ensuring compliance with internal and external security standards. The specialist collaborates with technical and business teams to assess risks, streamline procedures, and support continuous improvement initiatives.
Key responsibilities include documenting security processes, monitoring process efficiency, coordinating audits, and contributing to incident response and prevention strategies. Strong analytical skills, knowledge of security best practices, and the ability to translate technical requirements into effective processes are essential.
Responsabilities:
- Collaborate with CISO in order to establish clear governance frameworks ensuring that all security processes are documented, regularly reviewed, and aligned with professional standards and regulatory requirements.
- Develop and enforce access management procedures (IAM), including role-based access control (RBAC), onboarding/offboarding workflows, privileged access policies, and periodic access reviews.
- Manage and optimize the vulnerability management process, including risk assessment, prioritization, remediation planning, and coordination with IT teams.
- Define and monitor patching standards and schedules, ensuring that systems are regularly updated and compliant with the client's security requirements.
- Provide recommendations for improvement, identifying gaps in processes, proposing corrective actions, and driving continuous improvement initiatives.
- Collaborate with technical teams to ensure security processes are practical, efficient, and aligned with operational needs.
- Define and provide annual security awareness training for INSO staff
- Support security incident response activities by ensuring that process documentation is up to date and that root causes related to governance or process gaps are addressed
Technical skills:
- Strong expertise in network technologies, including TCP/IP, firewalls, routing, switching, VLANs, and network security architectures.
- Solid knowledge of major operating systems, including Windows Server, Linux Red Hat, and other enterprise platforms.
- Strong analytical and problem-solving abilities, with the capacity to interpret technical information and translate it into actionable processes.
- Excellent communication and collaboration skills, with the ability to work closely with CISO teams, IT operations, infrastructure teams, and application owners.
- Familiarity with security standards and frameworks, such as ISO 27001, NIST, CIS Controls, or similar.
- Process-oriented mindset, with experience in creating documentation, governance models, and continuous improvement processes
Profile :
-
Bachelor's or Master's degree in IT, or a related field
- ITIL certification
- Certification in professional cybersecurity: CISM, CISSP, etc
- Excellent verbal and written English and/or French
Why Cronos Group?
We'll propose you:
- An attractive salary package
- A good work-life balance environment
- The assurance of working in cutting-edge technologies in an entrepreneurial spirit.
- The opportunity to develop your skills thanks to tailor-made training courses according to your needs
- A good job in a friendly place
If you wish to integrate a dynamic structure on a human scale while working with the latest technologies, don't wait anymore and join Cronos!
