Security Governance and Compliance Manager F/M

Apply now »

Publish Date: Nov 20, 2022

Location: Valence, Auvergne, FR

Company: worldline

 
 
 
Ingenico is the global leader in payments acceptance solutions. Our world-class terminals, solutions and services enable the global ecosystem in the new world of payments acceptance. We are the trusted technology partner to 1,000+ banks, acquirers, ISVs, payment aggregators and fintech customers and we deploy 40 million POS terminals around the world for retailers ranging from small merchants to some of the best-known global brands. As the world’s largest payment acceptance network, powered by 4,000 employees in more than 50 countries, we provide smart, trusted, and secure solutions with a local and international reach. Our solutions enable merchants to simplify payments, delivering speed, security, and flexibility to enhance greater customer engagement. With 45 years of experience, innovation is integral to Ingenico’s approach and culture, inspiring our large and diverse community of experts who anticipate and help shape the evolution of commerce worldwide. Our strengths in innovation are matched by the power and robustness of our platforms, the security of our solutions and the quality of our services. At Ingenico, trust and sustainability are at the heart of everything we do. .

The role sits in the TSS business line, in Valence (France) or Suresnes (near Paris), attached to the Global Solution Development Head of Security.

 

The open position is to manage one branch of the security team. This branch is focusing on the following aspects:

- Global security governance for Terminal security in relation with the R&D, the security champions in regions,

- Supervision of the development of the Trusted Applications (also named Security Schemes) and the operation of secret key management solutions,

- Supervision of some of the infrastructures associated to the terminal manufacturing or repair (Public Key Infrastructure for instance, Remote key injection systems),

- Architecture of security solutions (such as remote key injection solutions, CodeSigning solutions) and management of sensitive assets.

 

The security governance and compliance manager will animate a team of security experts and focus on the following topics:

 

Governance:

- Ensure security governance within the Global Solution Development entity

- Maintain and distribute the related security policies

- Define security rules and policies to access or provide access to security tools and related sensitive assets, follow-up their distribution and deployment to support Ingenico's and customers' solutions
- Animate a team of experts working on various topics.

 

Compliance:

- Maintain security compliance and certification of the centrally managed solutions and tools

- Monitor the standard changes and work with R&D teams to ensure compliance level according to standard evolutions

- Prepare and execute audits with QPAs and QSAs and support regions relying on centrally provided tools and solutions in their own audits 

 

Key Management:

- Ensure key management operations (local and remote key distribution of manufacturer and customers' keys) and define related policies and processes.

- Ensure certification of key management processes and solutions (e.g. PCI PIN and PCI P2PE)

- Define, operate and maintain Public Key Infrastructures

 

Architecture:

- Support teams from the Global Solutions Development entity in their solutions security architecture and propose options to fit their needs

- Improve centrally managed offer in order to limit specific local solutions in regions

 

Security Support:

- Support all TSS entities worldwide on their security requests related to GSD solutions and cryptographic questions

- Support GSD security risk management activities

 

 

You have a Master degree completed with 7 years minimum in information security in an international company.

You have a real organization commitment, business sensitiveness, tranversal management skills, process orientation and ability to work in a team.

PCI SSC standards knowledge but also fluency in English and French are required.

Ingenico is proud to be an equal opportunity employer. We do not discriminate on the basis of religion, color, ancestry, sex (including pregnancy, childbirth or related medical conditions), sexual orientation, gender identity, gender expression, age, disability status or other legally applicable protected characteristics. .


Job Segment: Information Security, Manager, Technology, Security, Management