AmbitionBox
Search
Jobs
- Reviews
- Salaries
- Interview Questions
- About Company
- Benefits
- Jobs
- Office Photos
- Community
Add office photos
All Filters
60 Michelin Jobs
App security analyst 1
Michelin
posted 3hr ago
Job Role Insights
Flexible timing
Key skills for the job
Job Description
App security analyst 1
- - - - - - - - - - - -
MISSION
As part of the Michelin Groups Cybersecurity Expert (Business Support, Business Protection, Promotion of Responsible Security Behavior), in a field defined by the Michelin (Department DOTI) for ISIT security activities at DOTI and as a member of the CSSI team at DOTI :
- He/she is the privileged point of contact for all security aspects of his/her entity and liaises with his/her management team for the implementation of and compliance with security rules and practices.
- Together with DOTI/SSI, he/she defines the security roadmap for his/her entity, communicates it and contributes to its adoption.
- Provides the necessary support to project teams and day-to-day operations to ensure that security requirements are effectively implemented (e.g. follow-up of action plans following penetration tests, MGSR (security guidelines by Michelin).
- Deploys the Security by design approach within the entity and contributes to security education and training, which includes but not limited to SAT (security acceptance testing), vulnerability management, obsolescence management, patch management, enforcement of strong authentication and security by design framework.
- Participates in the network of entity security correspondents and monitors the various ad-hoc subjects initiated with Group Security.
- Maintains a technological and innovation watch for elements specific to his entity in terms of safety, in line with the entitys needs and requirements (for all non-specific matters, other entities oversee safety watch).
- Conducts and provides first-level support for risk analysis within the entitys application perimeter and contributes to vulnerability detection and remediation (EBIOS analysis, vulnerability scan follow-up, patch forum).
- He/she contributes to the dissemination and evangelization of best practices and safety regulations, by coordinating a network of safety contacts within his/her entity.
- He/she will act as backup to the Team Lead technical team.
KEY EXPECTED RESULTS
PERFORMANCE MEASUREMENT
1 Security by design enforcement
- All projects should follow the best practices of SecByDesign, max deviation should not cross 0.02% defects
2 Vulnerability Patch management
- Maintain the N-1 cycle and approach and ensure all assets, library and platform is updated with latest patch
3 Security Acceptance Testing
- All project should qualify the specific security requirement on project and should not over-cross the requirement
4 Obsolescence Management
- Life-cycle management of all ISIT assets, platform, OS, DB, Middleware, front-end, back-end and libraries
- Deviation should be mitigated within stipulated time-frame, maintain proactive eol and eos information and communicate with business for refresh
5 Security Authentication / Privilege management
- Strong security authentication for integrated system and human interacted software systems, if user is privilege then it must go thru MFA or Passwordless authentication mechanism.
- Generic ID s and PKI certificate life-cycle should be maintained and managed within due course of time-line.
MAIN ACTIVITIES
By following security charter process:
- Identifies evolution of critical assets and local points of contacts.
- Contributes to cybersecurity plan and evolutions of cybersecurity methods.
- Select CIS Framework controls, validate what is needed with respect to business services solution
- Lead the business team to create right synergies between core security team and PNI security team
- Work with the business to promote a culture of Risk awareness and control and to ensure consistency of practice and approach.
- Being proactive to provide right learning content to your team of developer to adopt the security by design framework
- Ensure the implementation of good security practices by dev/indus/test/operation teams, including in devops mode.
- Ensure regular reviews of user accounts on the scope of consolidation to ensure a good level of security
- Ensure regular reviews to ensure that the observed scope is compliant and that there is no shadow IT, identify the possible shadow IT.
- Verifies project security architectures in conjunction with the DOTI and group security teams.
- Controls the security level of dev/indus/test/prod environments and compliance with security rules for multi-tenant cloud environments and outsourcing actions.
- Ensure timely creation of roadmap and leading discussion with business to ensure all platforms are refreshed on timely manner, OS/DB s are updated once they are reaching their life-cycle, middleware, libraries are refreshed and used as and when they become obsolete
- Follows up progress of corrective action plans until closure.
Employment Type: Full Time, Permanent
Read full job descriptionPrepare for Security Analyst 1 roles with real interview advice
What people at Michelin are saying
What Michelin employees are saying about work life
based on 748 employees
Flexible timing
Monday to Friday
No travel
Day Shift
Michelin Benefits
View more benefits
Compare Michelin with
Bridgestone
Compare
Goodyear
Compare
Continental
Compare
Apollo Tyres
Compare
Ceat Tyres
Compare
MRF Tyres
Compare
JK Tyres
Compare
TVS Eurogrip
Compare
Balkrishna Industries
Compare
Bosch
Compare
Faurecia
Compare
Hitachi Astemo
Compare
Valeo
Compare
CIE Automotive
Compare
Continental Automotive Components
Compare
DENSO
Compare
Tenneco
Compare
Hyundai Mobis
Compare
JTEKT
Compare
MAHLE ANAND Filter Systems
Compare
Similar Jobs for you
Share an Interview