Our client is the world’s leading provider of Sustainability, EH&S, and Operational Risk Management Software with a mission to enable the Sustainable Company. It offers the industry’s most comprehensive enterprise EHS software platform with technology, content and services that help large & complex organizations manage risks, ensure compliance and continually improve operational excellence.
This position is within the Global Business Services division whose motto is: “Simple, Better, Efficient”. It is there to support business objectives while leveraging as adequately as possible the corporate controls. Reporting to the Associate Director for IT Security, here are the main responsibilities of this position:
- Information systems control design and implementation
Design and implement information systems controls in alignment with the organization’s risk appetite and tolerance levels to support business objectives.
- Interview process owners and review process design documentation to gain an understanding of the business process objectives.
- Analyze and document business process objectives and design to identify required information systems controls.
- Design information systems controls in consultation with process owners to ensure alignment with business needs and objectives.
- Facilitate the identification of resources (e.g., people, infrastructure, information, architecture) required to implement and operate information systems controls at an optimal level.
- Monitor the information systems control design and implementation process to ensure that it is implemented effectively and within time, budget, and scope.
- Provide progress reports on the implementation of information systems controls to inform stakeholders and to ensure that deviations are promptly addressed.
- Test information systems controls to verify effectiveness and efficiency prior to implementation.
- Implement information systems controls to mitigate risk.
- Facilitate the identification of metrics and key performance indicators (KPIs) to enable the measurement of information systems control performance in meeting business objectives.
- Assess and recommend tools to automate information systems control processes.
- Provide documentation and training to ensure information systems controls are effectively performed.
- Ensure all controls are assigned control owners to establish accountability.
- Establish control criteria to enable control life cycle management.
- Information systems control monitoring and maintenance
Monitor and maintain information systems controls to ensure they function effectively and efficiently.
- Plan, supervise and conduct testing to confirm continuous efficiency and effectiveness of information systems controls.
- Collect information and review documentation to identify information systems control deficiencies.
- Review information systems policies, standards, and procedures to verify that they address the organization’s internal and external requirements.
- Assess and recommend tools and techniques to automate information systems control verification processes.
- Evaluate the current state of information systems processes using a maturity model to identify the gaps between current and targeted process maturity.
- Determine the approach to correct information systems control deficiencies and maturity gaps to ensure that deficiencies are appropriately considered and remediated.
- Maintain sufficient, adequate evidence to support conclusions on the existence and operating effectiveness of information systems controls.
- Provide information systems control status reporting to relevant stakeholders to enable informed decision making.
- Audits and reviews preparation and facilitation
- Serve as liaison to auditors, consultants, and the Security Board regarding documentation and review of information systems control.
- Communicate audit and review results to appropriate parties; ensure that issues are addressed, and corrective actions are implemented.
- Keep a tracking action list of all audit issues.
Other duties – In collaboration with team members, Information Security, and other support functions, contribute to information systems risk assessments.
- The ability to be part of a close-knit, international, supportive team, working in a fun environment, who are passionate about Technology and Innovation
- Opportunities to work for a global company with offices in Paris, London, Den Haag, Chicago, Montreal, Sydney
- Cool, modern offices with a game room, Team events/Parties…
- Hybrid work that allows you to work from home and the office