EQUANS
Equans is a world leader in the energy and services sector, with annual revenues of nearly €19.2 billion* and almost 800,000 projects.
Equans has leading positions in Europe, which is the result of the history of energy construction in these countries, and strong presences in North and South America and in Oceania.
With nearly 90,000 highly skilled employees, Equans has a strong geographic footprint, anchored by historic local brands. Equans provides its customers with excellent technical expertise in the design, installation, maintenance and operation of multi-technical facilities. This know-how is based on key skills: first of all, electrical and thermal engineering, two strong points that help accelerate the reduction of our clients' carbon footprint, but also ventilation, refrigeration, mechanics and robotics, fire protection, energy renovation, digital solutions, IT, cyber security and telecommunications.
The combination of these areas of expertise allows us to offer efficient and optimised solutions at all stages of the energy chain, from production, storage and transport to usage.
(*) 2024 consolidated turnover
DIGITAL OPERATIONAL IT RESILIENCE OFFICER
Summary of the role:
Cybersecurity is part of Equans Group's core values. At Group level, the Governance, Risk and Compliance team provides a foundation of security policies, risk management practices, compliance, cybersecurity awareness initiatives and third-party risk management across Equans.
Job Purpose:
The Digital Operational IT Resilience Officer ensures our digital infrastructure can absorb, adapt to, and rapidly recover from severe operational disruptions. You will design, implement, and govern the organization’s digital operational resilience framework. Your focus will shift our IT posture from pure defense to guaranteed business survival during cyberattacks, system outages, and third-party vendor failures.
Key Responsibilities:
1. Framework & Governance:
- Define the enterprise-wide Digital Operational Resilience strategy and policy framework.
- Align IT resilience capabilities with global standards (ISO 22301, ISO 27031, NIST).
- Ensure strict compliance with regional regulations, including EU DORA and NIS2.
2. Business Continuity & Disaster Recovery (BC/DR):
- Lead the design, maintenance, and execution of IT Disaster Recovery Plans (DRPs).
- Conduct comprehensive Business Impact Analyses (BIA) to map critical assets.
- Define and enforce Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO).
3. Resilience Testing in Engineering:
- Orchestrate rigorous, regular IT resilience testing, including tabletop and live-fire simulations.
- Coordinate Threat-Led Penetration Testing (TLPT) alongside internal and external red teams.
- Analyze testing outcomes to identify vulnerabilities, tracking remediation to closure.
4. ICT Third-Party Risk Management:
- Assess the resilience capabilities of critical ICT third-party service providers.
- Audit vendor business continuity plans to eliminate single points of failure.
- Draft resilience, exit, and data-migration clauses into vendor service level agreements (SLAs).
5. Incident Response:
- Serve as a core member of the Intervention Management Team during major IT disruptions.
- Develop communication protocols for internal stakeholders, regulators, and clients during outages.
- Conduct post-incident reviews to convert operational failures into structural resilience updates.
Required Qualifications & Skills:
Education & Experience:
- Bachelor’s degree in Computer Science, Cyber Security, Information Systems, or a related field, and conversational-level French.
- 5+ years of experience in IT Risk Management, Cybersecurity, or Disaster Recovery.
- Proven track record of implementing IT resilience programs.
Technical & Soft Skills:
- Strong understanding of enterprise architecture, network topology, and data replication.
- Excellent communication skills, with the ability to translate complex technical risks into business terms for C-suite executives.