Client Security Manager Job in Atos

The CSM is a consulting and coordination role within the Client Security Management service, which is responsible for the delivery of the customer security related contractually agreed upon requirements. To this end the CSM supports the Account Service Team, providing leadership for Information Security, Governance, Risk and Compliance (incl. assurance) in adherence to both regulatory and contractual requirements. A customer facing role maintaining oversight of all Information Security and Compliance Related activities as the first point of contact. Work with the Client and the Client Delivery Executive/Client Executive Partner to gain understanding of the contract in business context/priorities of the account. Lead meeting directly with Client as part of ongoing contractual relationship Has sufficient technical overview and knowledge to understand the importance of Information Security. Contributes as an expert to consult operational teams. Coordination of information and creation of the monthly Security & Compliance report for all Atos services to demonstrate compliance over security obligations. Continuously monitor the effectiveness of controls and initiate and prioritise improvement actions. Ensure that the critical operating controls are successfully implemented throughout the contract lifecycle. Member of the Account Service Team, CSM is the single interface to the account and customer for security governance and compliance, wherever the services are run (onshore & offshore). Proactively analyse the risk of threats within the managed estate. Inform Clients on new rules and regulations such as GDPR and what Atos could do for them Recipient of a threat report leading to assessment of potential zero-day vulnerabilities on operations, which present significant risk and warrant risk mitigation/appropriate actions/priority. Demonstrates an understanding of operational risk issues of interest to Atos service. Raise awareness via risk register for risk treatment within the scope of own expertise. Approve and reject risks as appropriate. Is able to drive and lead incident applying knowledge, skills, and experience. Formal communication with the external client regarding security incidents aligned with Account Service Team Is able to drive and lead assignments or projects or resources in support of proactive internal escalation or reactively to any external escalation applying knowledge, skills, and experience. Is able to drive and lead service improvement initiative in support of increased customer satisfaction Initiation of the creation of a yearly audit plan together with the client. Coordinate Audit Plan for Atos entities delivering service to Customer Creation of an audit findings overview (incl. improvement plans) Creating, advising, or validating the solution part of limited upselling proposal. Demonstrates understanding of client issues - contributes to viable solutions within the scope of expertise. Provide security advisory for change as requested by Change Management Team. Monthly overview of changes advisory provided Has the negotiating skills and personal presence to represent Atos towards the client organization at the highest levels both externally and internally, formally, and informally, establishing confidence and respect both for the function represented and as a trusted advisor. Contribute to the development of the strategical security and compliance roadmap of the Client. Demonstrates Management and Leadership of the Governance, Risk and Compliance agenda. Manages and organizes all teams and towers, by delegation where appropriate, leading and directing teams of multi-specialist towers and taking responsibility for the Information Security and appropriateness of their collective work. Produces high quality deliverables in terms of both content and presentation. Examples of deliverables include: reports, presentations and reasoned arguments. Takes an active role in the development of the CSM Community, as an Atos Expert. Escalate unsupported risk to senior management. Demonstrates an understanding of the issues of interest to the client organization which have an operational risk. Effectively communicate risks to the Client and ensure all risks are managed as part of a risk register through continuous dialogue. Formal communication with the external client regarding security incidents aligned with CDE. Can drive and lead assignments or projects or resources in support of Security Service Improvement applying knowledge, skills, and experience. Demonstrates an understanding of the issues of interest to the client organization and contributes to viable solutions within the scope of own expertise, considering the needs of those affected. Contributes proactively and effectively to identifying and securing further business opportunities based on risk-based discussion and client relationship For all significant changes monitor implementations and completion of the service acceptance, technical assurance and handover processes Note: Flexibility to work in NA time zone & CET time zone, required to be agreeable for shift work and weekend assignment. We are hiring for junior and senior positions - depending on prior experience seniority in the team will be determined Skillset: Certification: CISSP, CISM, ISO 27001 Lead Auditor, , PCI DSS QSA (Preferrable) Knowledge of Standards & compliance framework: HIPAA/ISO/PCI DSS/GDPR/SOC 1 & SOC 2/FDA compliance/GxP /NIST others Have analytical skills and attentive to details Sound judgment and assertiveness Strong relationship building and interpersonal skills / Work as part of a team Good organizational skills Good communication skills / Excellent oral and written communication skills Good Presentation Skills Experience interacting with all levels of management Ability to work independently and take decisions where necessary. Successful delivery against commitments and deadlines