DIRECTOR OF SECURITY AND CYBERSECURITY

SOITEC-en, Northampton Township, PA

About The Position

Soitec is a company listed on the SBF 120 index of the Paris Stock Exchange and operates upstream of the microelectronics value chain. Our innovative semiconductor materials are essential to the operation of smartphones and the deployment of 5G. They also offer numerous opportunities for connected cars, electric and autonomous vehicles, and embedded intelligence in connected objects. This position gives us incredible responsibility, which inspires us on a daily basis: to make possible the massive adoption of technological innovations while considerably limiting their environmental impact, in a logic of responsible innovation and sustainable development.

Reporting directly to the General Secretary, the Director of Security and Cybersecurity is responsible for the strategy, governance and implementation of all security measures within the organization, in particular those aimed at guaranteeing the security of sites and assets (security), people (personal security) and information and systems (cybersecurity) against all threats on a global scale, whether digital or physical, and in particular on critical environments (IT, OT, Cloud and R&D). He/She ensures the protection of the company's physical, informational and intangible assets and its employees, ensures the definition, adequacy, consistency and management of all means of protecting sites, assets, people, information systems and industrial systems. In close liaison with the company's departments, he/she is responsible for protecting the overall attack surface and security culture.

Requirements

  • BAC +5, engineer in computer science or cybersecurity risk management, or equivalent.
  • Significant experience of at least 10 years in a similar job, ideally in an industrial (OT) or R&D (Intellectual Property) environment with a strong international dimension.
  • General knowledge of the components of an information system (IT and OT).
  • In-depth knowledge of cybersecurity standards (ISO 27001, NIST).
  • Excellent understanding of the specific threats to the semiconductor sector and economic espionage.
  • Mastery of safety concepts (environmental analysis, access control, physical risk management). Mastery of major security frameworks (ISO 27001, ISO 27032, ISO 27005, NIST CSF).
  • Fluent English is essential (work in a global context).
  • Experience in managing emergency situations (cyber crisis and physical crisis).
  • Interact, inform, recommend, collaborate with the IT Department at group level and the players linked to the information system.
  • Communicate with service providers specializing in cybersecurity and privileged internal players (Finance, Innovation, Operations, R&D, HR) and external players (ANSSI, CISA, experts, insurers).
  • Lead cross-functional working groups internationally (ISO 27001, secure Cloud, IT protection equipment, third-party monitoring).
  • Represent the company at events and trade shows related to cybersecurity.

Responsibilities

  • Define and implement the Group's Information Systems Security Policy (PSSI), adapting it to regulatory requirements and the specificities of different countries (e.g., local regulations, customer requirements, industry standards).
  • Supervise operational security teams (SOC, incident response, vulnerability management).
  • Ensure compliance with data protection regulations (e.g., GDPR).
  • Implement technical measures (firewalls, EDR, IAM, etc.) to protect the network, applications and data.
  • Define and monitor an information protection and prevention plan (based on standards such as ISO 27001, NIST, ANSSI) and manage its certification/compliance.
  • Monitor and adapt the Group's Information Security Charter and promote it internationally.
  • Validate the use of generative AI and ensure that company data does not “leak” into public models.
  • Define and implement the security policy for sites (headquarters, factories, warehouses, etc.) and assets.
  • Manage physical access systems (badges, video surveillance, alarms, fences).
  • Manage the security of the supply chain and critical partners.
  • Protect sensitive hardware assets, intellectual property and facilities against theft, vandalism or industrial espionage.
  • Monitor and implement the security policy for people and their travel and missions abroad (Travel Security).
  • Ensure the safety of employees on site and during corporate events.
  • Manage the security of executives and managers (Executive Protection).
  • Coordinate evacuation plans and personal safety exercises.
  • Analyze, map and assess the risks of the information system (IT and OT) and physical risks in the company on a global scale, define urgencies and priorities (Risk Assessment) and ensure follow-up.
  • Guarantee compliance with international standards and regulations and draw inspiration from good practices in information security (ANSSI, NIST, CISA, etc.).
  • Identify potential points of vulnerability (technical, organizational, human) on industrial sites and offices.
  • Develop and test Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP).
  • Lead the crisis unit in the event of a major incident (cyberattack, natural disaster, security emergency).
  • Manage the budget, the Security team and security service providers (security, audit).
  • Process and ensure the remediation plan for major IT and cyber incidents (crisis management).
  • Ensure continuous technological and regulatory monitoring of risks, equipment, solutions and potential countermeasures.
  • Manage the evolution and integration of security projects into IT and OT infrastructures (Cloud Security, EDR/XDR, IAM, Industrial Network Security).
  • Implement and deploy a training and awareness plan for information systems security, adapted and compulsory for all employees and third parties around the world.
  • Manage the Global Security Office team.
  • Act as the guarantor of compliance with security requirements, providing advice and recommendations to the Management Committee, the Global IT department, the Business Departments (Operations, R&D, Finance, Purchasing, HR, etc.) and local entities.
  • Organize its activities according to the priorities defined by operational needs and the criticality of the issues.
  • Ensure the consistency of actions undertaken with the other support functions of the company (General Secretariat, IP, HSE, Facilities, HR).
  • Manage the cybersecurity budget and specialized external service providers.