Associate Global Security Office

  • Full-time

Company Description

Re:Sources is the backbone of Publicis Groupe, the world’s third-largest communications group. Formed in 1998 as a small team to service a few Publicis Groupe firms, Re:Sources has grown to 4,000+ people servicing a global network of prestigious advertising, public relations, media, healthcare and digital marketing agencies. We provide technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury and risk management to help Publicis Groupe agencies do what they do best: create and innovate for their clients.   

In addition to providing essential, everyday services to our agencies, Re:Sources develops and implements platforms, applications and tools to enhance productivity, encourage collaboration and enable professional and personal development. We continually transform to keep pace with our ever-changing communications industry and thrive on a spirit of innovation felt around the globe. With our support, Publicis Groupe agencies continue to create and deliver award-winning campaigns for their clients.

Job Description

·       4-6 years of industry experience in Governance, Risk, and Compliance

·       Perform IT Risk Analysis and Security Assessments

o   Understand security requirements

o   Identify potential risks

o   Analyze and score risks

o   Recommend compensating/mitigating controls

o   Evaluate the company’s previous handling of risks

·       Conduct kickoff, status, and closing meetings with stakeholders

·       Manage third-party SOC audits as the key liaison for the organization, driving compliance throughout the year and managing the audit with the organization’s third-party auditor.

·       Drive compliance across frameworks (e.g. NIST CSF, SSAE 18 SOC 1,2,3, PCI, ISO 27001, etc.) as well as internal policies and procedures.

·       Assist in preparing reports to present to management.

·       Develop project plans, tracking, and reporting, as well as drive stakeholders to completion for audit deliverables

·       Perform miscellaneous job-related duties as assigned.

·       Ensure compliance issues are correctly identified, evaluated, investigated and resolved.

·       Provide consultative services to business areas on the appropriate controls needed to ensure ongoing regulatory compliance.

·       Strong experience and detailed understanding of technology, regulations, and information security or compliance management best practices

·       Ability to evaluate and recommend preventative and corrective controls to mitigate risk to the organization.

·       Understanding of various components of an information security program

·       Technical aptitude, with the ability to effectively communicate with a working knowledge of all areas of IT controls.

·       Conduct periodic reviews of Information Security risk within the policies, procedures and frameworks to identify opportunities for continuous improvement and ensure that the content remains accurate and current

·       Execute plans or roadmaps for proposed improvements to the security service strategy.

Technical Requirements

·       Strong project management and communication skills (written and oral) with internal stakeholders and external/internal auditors

·       Possession of standard certifications in Information Security or Compliance (CISSP, CISA, CISM, CRISC)

·       Significant experience in applying SOC audit requirements to business and technical environments while providing a service-oriented leadership approach to maintaining compliance

·       Strong working expertise with Information Security, Compliance & IT Management Standards: ISO 27001, SOC 1 & SOC 2, PCI

·       Understanding of technology frameworks, including NIST CSF and ISO 27001

·       Proficiency with Microsoft Office software, Excel, Word, PowerPoint, Visio and SharePoint

·       Intermediate abilities in Excel, including pivot tables and vlookups

·       Experience supporting security controls, compliance and audit activity within a service provider organization

·       Understanding of supporting security controls, compliance and audit activity within a service provider organization with multiple technologies and architectures: Windows, Unix/Linux, VMWare, Oracle, SQL, IPS/IDS, DLP, and other security technologies

Qualifications

·       Strong understanding of business applications

·       Knowledge of network infrastructure

·       Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues

·       Advanced written and verbal communication and presentation skills

·       Excellent teamwork and client service skills
