GSO - Client Engagement - Sr. Associate Information Security
Publicis Groupe
Makati City, ph
2d ago
  • This position is an active member of the Global Security Office (GSO), the security organization of Publicis Groupe under Re : Sources, responsible for supporting security compliance activities globally to Groupe agencies.
  • This position supports security requirements of Publicis Groupe, it’s agencies, and ensures the success of business by working collaboratively with internal and external stakeholders.
  • This position also coordinates dependencies across the disciplines and organization to understand and address the ever-changing security landscape and security-related business requirements.

  • This position reports into Sr. Manager / Manager Information Security
  • Contributes to the broad range of global security initiatives as guided by the Leadership of the Global Security Office team.
  • Sets and measures security effectiveness inline with services provided by GSO to Groupe agencies.
  • Reviews the client security requirements e.g. security terms in Master Services Agreements (MSAs), Statement of Work (SOW), etc.
  • and ensures those requirements can be met by Publicis Groupe agencies through implementation of security controls.

  • Participates in client security discussions on contractual requirements and ensures a common understanding of the security controls required to protect the client information and other compliance requirements.
  • Responds to client security questionnaires, requests for proposal / information, annual compliance reviews, and attends client meetings.
  • Serves as a consultant on administrative, physical and technical security controls required for security compliance. Coordinates the implementation of security controls.
  • Participates in internal and external security audits. Supports the Publicis Groupe agencies by managing the client-sponsored audits.
  • Serves as the focal point of internal, external and customer security audit requests and testing.

  • Coordinates evidence production on request, coordinates availability of resources and systems, and ensures readiness for each audit cycle.
  • Contributes to continual improvement of Publicis Groupe’s security policies, standards and guidelines. Gets involved in security documentation on a regular basis as an author or reviewer.
  • Maintains awareness of the current industry environment that shapes opportunities for client solutions (i.e. news events, trends, mergers, etc.).
  • Participates in recruitment and hiring activities, including interviewing and conducting hiring exercises for Associates, Sr. Associates.
  • Coordinates and participate in various ISMS related activities such as Risk assessment, ISMS security audit, etc.
  • Provides support to Publicis Groupe agencies on security compliance topics such as ISO 27001 certification, PCI DSS and partners on certification / attestation initiatives as determined by business needs from time to time.
  • Participates in security audits of key processes and controls, gap analysis, and risk assessments to assess control operating effectiveness.
  • Interfaces with corporate governance, internal and external auditors.

  • Contributes to the security awareness initiatives by publishing security bulletins, blogs, newsletters, etc.
  • Qualifications

  • Partner with agencies to address their clients’ security requirements.
  • Promote business partnerships regarding compliance risk issues with internal and external stakeholders.
  • Maintain a support role in information security implementation. Implement improvement program for security compliance processes.
  • Demonstrate communication skills regarding essential security risk and compliance concepts, processes, and procedures and their impact on IT and business processes.
  • Demonstrate interpersonal, presentation, and relationship skills required for supporting the internal and external customers.
  • Mandatory language skills (oral, written and listening) : English
  • Good communication, written and presentation skills
  • Ability to work effectively and collaboratively with stakeholders.
  • Willingness to work with geographically dispersed teams; may involve working during non-business hours occasionally to accommodate time-zone differences.
  • Travel : This position will periodically visit other offices; may require domestic or international travel.
  • Degree from an accredited University, preferably in Computer Science, Information Systems, or a related field; relevant working IT or security experience considered.
  • Education and experience should also include auditing and / or operational risk management exposure.

  • Security certification such as ISMS Lead Auditor, ISMS Lead Implementer, CISA, CISM, CISSP or CRISC strongly preferred
  • At least 3+ years of IT and / or information security-related experience, including at least 2+ years audit, risk or compliance experience
  • Familiarity with general information security controls, processes and principles
  • Experience in managing an ISMS (ISO 27001) implementation
  • Exposure to other standards like SOX, SSAE 16, PCI : DSS, Cloud security standards
  • Team Work
  • Communication
  • Results Driven
  • Customer Focus
  • Relationships
  • Adaptability to Change
  • Continuous Improvement
  • Security Audits
  • Security Risk Assessments
  • Security Documentation
  • Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form