EQUANS
Equans is a world leader in the energy and services sector, with annual revenues of nearly €19,2 billion* and almost 800,000 projects.
Equans has leading positions in Europe, which is the result of the history of energy construction in these countries, and strong presences in North and South America and in Oceania.
With nearly 90,000 highly skilled employees, Equans has a strong geographic footprint, anchored by historic local brands. Equans provides its customers with excellent technical expertise in the design, installation, maintenance, and operation of multi-technical facilities. This know-how is based on key skills. First of all, in electrical and thermal engineering - two strong points that help accelerate the reduction of our clients' carbon footprint - but also in ventilation, refrigeration, mechanics and robotics, fire protection, energy renovation, digital solutions, IT, cyber security and telecommunications.
The combination of thes expertises allows us to offer efficient and optimised solutions at all stages of the energy chain, from production, storage and transport to usage.
(*) Turnover 2024 consolidated
GRC analyst (F/M)
Summary of the role:
Within the EQUANS CEDE IT department, you will be part of the CEDE Cyber team, that helps the EQUANS Central Europe business entities enhancing their cybersecurity posture and protecting our assets and business activities. This team is led by the MCISO CEDE and is reporting to the Global CISO.
As GRC Analyst, you will play a critical role in driving compliance, risk management, and governance across multiple European business units. You will coordinate audits, manage regulatory alignment, and help strengthen cybersecurity governance and awareness within the MBU CEDE countries (Italy, Germany, Austria, Hungary, Czech Republic) and BU Energies in France.
KEY RESPONSIBILITIES:
- Participate in cybersecurity audits and compliance initiatives, focusing on standards such as ISO 27001 and NIS2.
- Plan and deploy awareness and training campaigns tailored for the countries within the Business Unit.
- Identify, assess, and monitor cyber risks in collaboration with local IT departments, and develop actionable risk mitigation plans.
- Enhance governance frameworks including reporting and escalation processes for cybersecurity compliance indicators.
- Support continuous improvement of cybersecurity policies, procedures, and controls in line with evolving regulations and organizational needs.
- Act as a subject matter expert during internal or external audits and assessments related to cybersecurity within CEDE.
- Maintain cybersecurity baseline in business projects
PROFILE:
Academic background & Experience:
- You have a higher education degree (an Engineering degree in cybersecurity or a Master’s degree in Computer Science and networks) or a proven experience as a Cyber Security consultant (more than 3 years).
- Proven experience with cybersecurity frameworks and compliance standards (ISO 27001, NIS2, GDPR).
- You are recognized for your expertise in securing systems, with ideally some related certifications (CISSP, CISM, GSEC, ISO 27005) or certifications related to the cybersecurity.
- You have a good understanding of our clients' business challenges.
Qualifications and Skills:
- Strong analytical skills with the ability to evaluate risks and define remediation actions.
- Excellent interpersonal skills with the ability to build relationships and work cross-culturally across diverse teams and stakeholders.
- Fluent in English and German are mandatory; proficiency in other local languages (Italian, Hungarian, Czech, etc.) is highly desirable to effectively collaborate across MBU CEDE countries.
- Ability to work collaboratively with both local IT teams and centralized support services (SLS).
- Proactive, adaptable, and able to work independently in a multi-country, multi-cultural environment.
- Strong problem-solving skills coupled with a collaborative, team-oriented mindset.
- Excellent organizational and time-management skills with attention to detail.
- Confident communicator, capable of explaining complex technical or compliance topics clearly to non-experts.
Why Join Us?
- Global Impact: Influence cybersecurity across a multinational company.
- Challenging Projects: Work IT and Cybersecurity transformation program with real business impact.
- Collaborative Culture: Work with experts in cybersecurity, cloud and compliance.