Consultant Cyber GRC Senior Thales

As part of the THM team, you will work as a Senior Consultant to deliver security services for our clients.

Your main missions will consist of:

• Define and support the governance of Information Systems Security
• Participate in the creation and implementation of the ISS Director Scheme, define monitoring indicators
• Write information security governance documents (IS Security Policy, IT Charters, Data Governance)
• Participate in risk analyses
• Manage the implementation of technical and organizational protection measures
• Support compliance with SSI reference standards (PCI DSS, ISO 2700x, GDPR, DNSSI, SIS Certification, etc.)
• Definition of the certification process, Conduct of PIAs, FAD maps and their processing. Risk analysis Analysis of deviations from the reference
• Mock audit, internal audit and third-party audit Certification audit
• Conduct awareness campaigns on IS security and data protection
• Perform internal and external penetration tests on networks, systems, Web/Mobile applications, IoT.
• Identify, analyze and exploit security vulnerabilities (infrastructures, applications, protocols).
• • Develop and use custom tools/scripts for pentest campaigns.
• Apply standard methods (OWASP, OSSTMM, PTES, MITRE ATT&CK).
• Write technical and executive reports with descriptions of vulnerabilities, evidence of operation and corrective recommendations.
• Advise the technical teams and the Client for the correction of flaws and the improvement of the level of security