Security Analyst & Auditor

Security Analyst & Auditor

Bedrijfsomschrijving

Join us at Orange Business!
We are a network and digital integrator that understands the entire value chain of the digital world, freeing our customers to focus on the strategic initiatives that shape their business.
Every day, you will collaborate with a team dedicated to providing consistent, sustainable global solutions, no matter where our customers operate. With over 30,000 employees across Asia, the Americas, Africa, and Europe, we offer a dynamic environment to develop and perfect your skills in a field filled with exciting challenges and opportunities.

About the Role
As part of the Security Compliance, Audits & Controls (SCAC) team, you will be responsible for ensuring that Orange Business has a comprehensive and effective set of security controls in place, in alignment with new EU regulations including NIS2, DORA, CRA, REC, and the AI Act. These regulations introduce a series of complex security requirements that need to be consistently implemented and auditable. While some of these controls have already been implemented, there are gaps and vulnerabilities that need to be addressed, improved, and maintained over time.

Your role will involve designing, improving, and implementing security controls, ensuring they meet regulatory standards, and collaborating with other team members to execute ongoing controls. You'll work on process design, documentation, and tooling improvements, helping the team meet evolving security needs.

This is a hands-on role that combines technical expertise with strong organizational skills, attention to detail, and the ability to drive improvements in a dynamic and complex regulatory environment.

Key Responsibilities

Design & Improve Security Controls

• Develop and enhance security controls in line with EU regulations (NIS2, DORA, CRA, REC, AI Act), including creating clear processes, RACI frameworks, and recommending or integrating necessary tools to support compliance.

Audit & Compliance Assurance

• Participate in configuration audits and compliance checks to ensure the organization meets regulatory requirements. Identify any gaps or vulnerabilities, document findings, and help to implement mitigation actions.

Collaboration

• Work closely with other SCAC team members to run existing controls, share knowledge, and ensure that all controls are applied consistently across the organization.

Documentation & Reporting

• Produce detailed documentation for controls, processes, and audits, ensuring that all steps are auditable and transparent. Draft clear reports and follow-ups on control progress, findings, and remediation efforts.

Continuous Improvement

• Stay updated with evolving regulations, cybersecurity trends, and best practices. Proactively suggest improvements to security processes and controls based on new developments or lessons learned.

Stakeholder Engagement

• Engage with internal teams and stakeholders across the organization to ensure security compliance requirements are well understood and met, facilitating knowledge-sharing and promoting security awareness.
   

Key Requirements

Technical Skills

• Strong knowledge of IT systems, cybersecurity, and system administration.
• Familiarity with industry standards for cybersecurity and compliance.
• Experience with configuration audits, security assessments, and control design.
• Proficiency in security tools, risk management software, and documentation systems.

Soft Skills

• Attention to Detail – Ability to design flawless processes and ensure every aspect of security controls is covered comprehensively.
• Good Writing Skills – Ability to document complex technical processes clearly and concisely, creating well-structured reports and communications for different audiences. 
• Strong Will & Determination: A results-driven mindset with the ability to drive change, keep progress on track, and ensure high-quality outputs even in challenging situations.
• Problem-Solving Skills: Ability to assess complex security challenges and propose practical, effective solutions.
• Collaboration & Communication: Strong interpersonal skills with the ability to engage and work effectively with cross-functional teams and stakeholders.
• Language Proficiency – Good level of English and French, both written and verbal, to communicate effectively across a multilingual team and with external stakeholders.

Qualifications

• Bachelor’s degree in Computer Science, Information Security, or a related field
• Certifications: Relevant certifications (e.g., CISSP, CISM, CISA, or equivalent) are a plus.

Experience

• At least 5 years of experience in cybersecurity, IT compliance, or related fields
• It will be an advantage if you have experience working in or around regulatory frameworks like NIS2, DORA, CRA, or the AI Act.

You bring passion, energy, taste for exploration and adaptability. You seek the opportunity to expand your knowledge and develop new skills.

• Global Opportunities: Work in multi-national teams with opportunity to collaborate with colleagues and customers from all over the world.
• Flexible Work Environment: Flexible working hours and possibility to combine work from office and home (hybrid ways of working).
• Professional Development: training programs and upskilling/re-skilling opportunities.
• Career Growth: Internal growth and mobility opportunities within Orange.
• Caring and Daring Culture: Health and well-being programs and benefits, diversity & inclusion initiatives, CSR and employee connect events.
• Reward Programs: Employee Referral Program, Change Maker Awards.

Regardless of your age, gender identity, race, ethnic origin, religion/belief, sexual orientation, marital status, neurotype, disability, veteran status or appearance, we encourage diversity within our teams because it is a strength for the collective and a vector of innovation. Orange Group is a disabled-friendly company and equal opportunity employer: don't hesitate to tell us about your specific needs.