ABOUT THE POSITION

CFM is gearing up for a transformative year as we head into 2025, marking a significant acceleration for our company. To meet the evolving demands of the research department, we are dedicated to making substantial investments in cutting-edge technological initiatives. The meaningful integration of advanced technologies, such as generative AI and cloud solutions, is at the core of our transformation strategy. Simultaneously, we are enhancing our security infrastructure to ensure the safe and optimized use of these advanced technologies.

We are looking for an accomplished IT Security Project Manager with a deep cybersecurity background to join our Information Security team in Paris, France.

In this role, you will lead the planning, execution, and delivery of complex IT projects with a strong emphasis on security while also ensuring that security principles are embedded across all IT initiatives. You will collaborate closely with various project teams and be a key contributor in championing security risk assessments and mitigation strategies.

Reporting directly to our CISO based in New York, the ideal candidate will have a demonstrated history of managing significant transformational IT projects, a comprehensive understanding of IT systems and cybersecurity methodologies, and the expertise to integrate robust security measures at every stage of project delivery.

Key Responsibilities:

IT Security Architecture & Integration: 

• Design and implement security measures within IT systems, leveraging deep knowledge of encryption, access control, and identity management.
• Ensure the integration of security principles in both on-premises and cloud environments (SaaS, PaaS, IaaS).

Technical Expertise & Systems Knowledge:

• Provide knowledge and guidance on best practices for security configurations of Microsoft and Linux operating systems, containers, Amazon services
•  Work with advanced IT systems, focusing on secure software development and implementing security controls in emerging technologies like generative AI.

Project Planning & Execution: 

• Develop comprehensive project plans outlining scope, objectives, timelines, and resource requirements. 
• Oversee implementation and delivery of IT projects with a core focus on security, ensuring alignment with business and security objectives.

Stakeholder & Communication Management: 

• Act as primary liaison among internal stakeholders, clients, vendors, integrators, and contractors to ensure project alignment and success. 
• Provide clear, timely status updates and risk assessments during steering committee meetings and regular project reviews.

Profile description:

Qualifications:

Education & Experience:

• Minimum education: BAC+3 (Bachelor’s degree)
• At least 10 years of IT project management experience, with 5+ years specifically focused on IT security.
• Proven ability to manage complex projects with pronounced security requirements.

Technical Expertise :

• In-depth knowledge of IT security concepts, practices, and technologies across on-premises and cloud environments (SaaS, PaaS, IaaS), including encryption, access control, and identity management. 
• Familiarity with security frameworks (e.g., NIST, ISO 27001) and a strong understanding of computer networking and network security methodologies. 
• Proficiency with Windows and Linux operating systems, containers, Amazon services, Microsoft 365, Microsoft Entra, Purview, Copilot, network security services such as firewalls, proxies, reverse proxies etc.

Leadership & Communication :

• Excellent leadership, analytical, and interpersonal skills, with the proven ability to lead cross-functional teams and manage diverse stakeholder relationships. 
• Fluent in both French and English (business and technical proficiency required).
• Ability to work independently and within a multi-national team environment.

Preferred Qualifications :

• Experience in the financial industry. 
• A master’s degree in information security or a related field. 
• Relevant certifications in cybersecurity and project management (e.g., PMP, CISSP, CISM). 
• Knowledge of secure software development practices and DevSecOps principles.