Publicis Groupe is a global leader in marketing, communication and digital business transformation. Present in more than 100 countries and employing in excess of 80,000 professionals, Publicis Groupe offers a full range of services and expertise across digital, technology, creative, corporate communications, media strategy, planning and buying and healthcare communications. We are designed to help our clients thrive, with the capabilities, the experience and the understanding of how to unlock growth in a platform world. In the UK, Publicis Groupe includes  world-renowned agencies such as Saatchi & Saatchi, Leo Burnett, Publicis Sapient, Zenith, Starcom, Publicis Health and Epsilon amongst others.

Re:Sources is the backbone of Publicis Groupe. We are Publicis Groupe's shared services platform. Formed in 1998, Re:Sources was created to streamline centralised functions of Publicis Groupe agencies. We have now grown to 5,000+ professionals operating 40 shared service centres (SSCs) and servicing a network of prestigious agencies across the globe supporting 63 markets. We provide technology solutions and business services including finance, accounting, information technology, global security, legal, payroll and benefits, procurement, tax, real estate, treasury and risk management to help Publicis Groupe agencies do what they do best: create and innovate for their clients.

This position is an active member of the Global Security Office (GSO), the security organization of Publicis Groupe under Re:Sources, responsible for supporting security compliance activities globally to Groupe agencies. This position supports security requirements of Publicis Groupe, it’s agencies, and ensures the success of business by working collaboratively with internal and external stakeholders. This position also coordinates dependencies across the disciplines and organization to understand and address the ever-changing security landscape and security-related business requirements. This position reports into the Manager, Information Security.

The responsibilities associated with the position are as follows:

• Contributes to the broad range of global initiatives as guided by the Leadership of the Global Security Office team.

• Perform Security risk assessments of Projects and Suppliers using security risk assessment methodology.

• Serves as a consultant on administrative, physical and technical security controls required for security compliance. Coordinates the implementation of security controls.

• Perform Security risk assessment and Security architecture review of cloud solutions.

• Reviews the client security requirements e.g. security terms in Master Services Agreements (MSAs), Statement of Work (SOW), etc. and ensures those requirements can be met by Publicis Groupe agencies through implementation of security controls.

• Participates in client security discussions on contractual requirements and ensures a common understanding of the security controls required to protect the client information and other compliance requirements.

• Responds to client security questionnaires, requests for proposal/information, annual compliance reviews, and attends client meetings.

• Participates in internal and external security audits. Supports the Publicis Groupe agencies by managing the client-sponsored audits. Serves as the focal point of internal, external and customer security audit requests and testing.

• Coordinates evidence production on request, coordinates availability of resources and systems, and ensures readiness for each audit cycle.

• Provides support to Publicis Groupe agencies on security compliance topics such as ISO 27001 certification, and partners on certification / attestation initiatives as determined by business needs from time to time.

• Maintains awareness of the current industry environment that shapes opportunities for client solutions (i.e. news events, trends, mergers, etc.).

ESSENTIAL JOB REQUIREMENTS:

• Partner with agencies to address their clients’ security requirements.

• Promote business partnerships regarding compliance risk issues with internal and external stakeholders.

• Maintain a support role in information security implementation. Implement improvement program for security compliance processes.

• Demonstrate communication skills regarding essential security risk and compliance concepts, processes, and procedures and their impact on IT and business processes.

• Demonstrate interpersonal, presentation, and relationship skills required for supporting the internal and external customers.

• Language skills (oral, written and listening) : English and French

 OTHER JOB REQUIREMENTS:

• Good communication and presentation skills.

• Ability to work effectively and collaboratively with stakeholders.

• Willingness to work with geographically dispersed teams; may involve working during non-business hours occasionally to accommodate time-zone differences.

• Travel: This position will periodically visit other offices; may require domestic or international travel.

Education & Certifications

• Degree from an accredited University, preferably in Computer Science, Information Systems, or a related field; relevant working IT or security  experience considered. Education and experience should also include auditing and/or operational risk management exposure.

• Security certification such as ISMS Lead Auditor, ISMS Lead Implementer, CISA, CISM, CISSP or CRISC strongly preferred.

Experience

• At least 3+ years of IT and / or information security-related experience, audit, risk or compliance experience.

• Familiarity with general information security controls, processes and principles.

• Experience in managing an ISMS (ISO 27001) implementation.

• Exposure to other standards like SOX, SSAE 16, PCI:DSS.

Core Competencies

• Team Work

• Communication

• Results Driven

• Customer Focus

• Relationships

• Adaptability to Change

• Continuous Improvement

Technical Competencies

• Security Audits

• Security Risk Assessments

• ISO 27001 implementation

• Security Documentation

As part of our dedication to create an inclusive and diverse workforce, Publicis Groupe UK is committed to equal access to opportunity for people without regard to race, age, sex, disability, neurodiversity, sexual orientation, gender identity or religion. We are committed to providing reasonable adjustments for candidates with disabilities in our application process. If you need assistance or adjustment due to a disability, please contact us

As a Re:Sources UK employee, an array of benefits are offered - in addition to a leading compensation package; 25 days paid annual leave, birthday day-off, life assurance, income protection, private healthcare for you and your family (pre-existing conditions included), and a pension is the least we want to provide to you. The learning opportunities are endless and you will be a part of a game-changing and world-class organisation that encourages outside-the-box thinking and empowerment to know that the world is your oyster when it comes to your career.