Manager - Cybersecurity: Digital Identity

Wavestone is looking for a skilled Manager in Cybersecurity, specifically focused on Digital Identity. In this strategic role, you will leverage your expertise to develop and implement advanced cybersecurity strategies that protect our clients’ digital identities. You will lead projects, collaborate with cross-functional teams, and engage with clients to ens…

Join Wavestone as a Senior Consultant specializing in Cybersecurity with a focus on Digital Identity. In this pivotal role, you will leverage your expertise to enhance our clients' cybersecurity frameworks, ensuring robust protection of digital identities. Collaborate with cross-functional teams to develop innovative solutions that address complex security challenges.Your insights will shape strategies that not only respond to current threats but also anticipate future vulnerabilities, making a significant impact on our clients' security postures.

In the rapidly evolving digital landscape, organizations are compelled to adopt new technologies and integrate their information systems with partners and clients. As cybercrime escalates, regulatory bodies and governments are intensifying their vigilance. How can we respond effectively? By collaborating with executive management to define a risk-based strategy and ensuring its implementation across all operations, we can achieve a suitable level of protection and appropriate responses to major incidents.As part of the Cybersecurity practice, comprising over 400 professionals, our consultants engage with large corporations on pivotal issues such as incident response, personal data management regulations (GDPR), fraud prevention, connected device security, and cloud data management.• Cybersecurity Strategy: Risk assessment and crisis management• Securing Digital Transformation: Big data, cloud, IoT & Industry 4.0• Digital Compliance: Fraud prevention, privacy protection, critical infrastructure, and sector regulationsAs an intern under the guidance of a project manager, you will undertake:• A study on a forward-looking and innovative topic (from our wide range of practice offerings) that will enhance your academic knowledge and that of the firm, providing in-depth insights into current issues facing our clients and familiarizing you with Wavestone's recognized consulting methodologies.• Client operational missions within project teams to develop essential skills expected of a junior consultant (analysis and synthesis, interpersonal skills, market understanding, client/mission accountability)Additionally, you will have the opportunity to actively participate in the internal dynamics of the firm by:• Contributing to the development of our assets: Shake 'up, The Factory, CréaDesk, Machine Learning & Data Lab, Research & Knowledge Center• Publishing articles on our blogs• Participating in recruitment, school relations, commercial proposal responses, internal training, and internal events.

Join Wavestone as a Senior Consultant in Cybersecurity and Digital Trust, where you'll play a pivotal role in enhancing our clients' digital security posture. In this dynamic position, you will lead projects that assess and improve security measures across various industries. You will collaborate with cross-functional teams to design and implement strategies that foster trust in digital environments, ensuring compliance with regulations and industry standards.

Join Wavestone as a Manager in our Product & Industrial Cybersecurity division. In this pivotal role, you will lead cybersecurity initiatives, ensuring robust protection of our industrial assets and products. Your expertise will guide teams in implementing cutting-edge security measures and strategies that align with industry standards. Collaborate with cross-functional teams to foster a culture of security awareness and drive continuous improvement in our cybersecurity posture.

Join Wavestone as a Cybersecurity Manager specializing in Audit and Incident Response. In this pivotal role, you will lead a team responsible for assessing cybersecurity risks and responding to incidents effectively. Your expertise will be essential in shaping our security strategies and ensuring compliance with best practices. You will collaborate with cross-functional teams to drive initiatives that enhance our cybersecurity posture.

Join Wavestone as a Senior Consultant specializing in Product & Industrial Cybersecurity. In this pivotal role, you will be instrumental in helping clients navigate the complex landscape of cybersecurity threats and develop robust strategies to protect their critical assets. You will leverage your expertise to assess vulnerabilities, formulate security protocols, and implement cutting-edge solutions that align with industry standards.

Join Wavestone as a SOC Offer Manager (H/F) in the dynamic field of Cybersecurity, specializing in CyberDefense and Recovery. In this pivotal role, you will lead the development and delivery of innovative cybersecurity solutions that enhance our clients' resilience against cyber threats. You will collaborate with a talented team of experts, driving strategies that protect organizations from evolving cybersecurity challenges.

Join Wavestone as a Senior Cybersecurity Consultant, where you will play a key role in enhancing the security posture of our clients. You will leverage your expertise in cybersecurity to provide strategic guidance and implement effective security solutions. Your contributions will be essential in safeguarding sensitive information and ensuring compliance with industry standards.

BACKGROUNDEmployee awareness is a crucial element of cybersecurity. However, good security practices have yet to become second nature, and threats continue to evolve. As new regulations require companies to educate their users about cybersecurity (such as LPM...), Wavestone's cyber-awareness offering must also adapt to meet the changing needs of our clients:How do we respond to new attack techniques (from social engineering to targeted attacks)?How do we raise awareness about the challenges posed by new regulations, particularly concerning personal data protection?How can we assess the effectiveness of our initiatives to ensure they are tailored to our audience?What tools/actions can we implement to engage various stakeholders (employees, IT specialists, executive committees, etc.), especially when security is not their primary focus (e.g., creating videos, escape games, etc.)?INTERNSHIP OBJECTIVEThe goal of this internship is to enhance Wavestone's cybersecurity awareness offerings. By consolidating existing materials to make them more accessible and reusable, the intern's work will improve the firm's effectiveness in cyber-awareness missions.The main focus of the internship will be to establish a sustainable organization that ensures the capitalization and dissemination of knowledge. A secondary aspect will involve developing future awareness strategies to ensure the firm can effectively address upcoming challenges.PROJECTS TO BE COMPLETEDUnder the guidance of a consultant and the management of a manager, the intern may be involved in some or all of the following tasks:Leading Wavestone's cyber-awareness offering:Summarizing existing materials to propose templates that address current business challenges in information security,Revising pre-sales presentations showcasing our expertise,Establishing and implementing a sustainable knowledge capitalization process.Conducting monitoring around cyber-awareness topics: identifying key stakeholders, determining necessary resources, and tracking trends in awareness initiatives, etc.;Renewing the methods of engaging various populations within our client organizations: IT functions, managers, executive committees, employees, etc.;Consolidating and designing measures to evaluate the effectiveness of awareness initiatives, enabling reporting to management and executive committees.

CONTEXTMergers and acquisitions (M&A), along with disposals and partnerships, reflect significant strategic choices and are often subject to sensitive negotiations. Nowadays, the information systems (IS) of each company are taken into consideration during these processes. A notable example is the acquisition of Yahoo!'s internet activities by Verizon, where repeated security breaches at Yahoo! led to a $350 million reduction in the initial purchase price, representing a 7% decrease.Once M&As are finalized, the challenge arises of integrating two different IS, often burdened with technical debt on both sides. How can we ensure that two systems operate seamlessly while maintaining optimal security levels? How do we address regulatory constraints that may differ between the two entities?Conversely, disposals present the opposite issue: how to effectively separate an IS into two distinct entities while satisfying both technical requirements (e.g., maintaining operations) and regulatory demands (e.g., ensuring that the divested entity does not access the parent company’s data, and vice versa).Thus, cybersecurity must be prioritized during M&A transactions, whether before, during, or after the transformation.OBJECTIVE OF THE INTERNSHIPThe goal of this internship is to understand the various security challenges associated with information systems in M&A and divestiture projects, specifically to develop Wavestone's insights on the following points:How to assess the security maturity level of companies prior to mergers, acquisitions, divestitures, or partnerships?How to evaluate and ensure security levels during integration or divestiture?How to establish a target security governance structure among the different stakeholders?ASSIGNED TASKSUnder the guidance of a consultant and managed by a team leader, the intern will be involved in one or more of the following tasks:Conduct market research and leverage the firm's experiences concerning audit and security governance issues during M&A projects;Define a methodology for assessing security maturity before mergers, acquisitions, divestitures, or partnerships;Define a methodology to ensure security levels during the transformation phase;Design governance models for the target security function based on the type of M&A.

CONTEXTFinancial organizations face a surge in sophisticated cyberattacks, revealing a deep understanding that hackers possess about the finance sector. Cybercriminal groups have combined their technical prowess with an extensive grasp of business processes and applications within finance. To bolster their defenses against increasingly skilled adversaries and comply with stringent regulations, financial institutions recognize the need to ensure comprehensive security across their most critical processes by developing new technological and functional measures.INTERNSHIP OBJECTIVESWavestone aims to refine its understanding of the most critical business chains (processes and underlying IT systems) in the finance sector and develop relevant security measures tailored to the unique security challenges they face. The processes to be observed include those from retail banks, private banks, investment banks, asset managers, systemic financial infrastructures, central banks, etc.The internship/apprenticeship will involve selecting and analyzing these critical chains for some or all of these actors. This analysis should address the following questions:For each type of actor, what are the top three most vital business chains?Identify and study their dynamicsUnderstand the specific security stakesEvaluate the level of exposure in light of current threatsTarget their structural weaknessesWhat IT components and specialized software support these chains?Model the IT systems incorporating the view of business software solutionsIdentify their potential vulnerabilitiesWhat interdependencies exist among these chains?Understand how the compromise of one can impact anotherWhat relevant measures can be recommended for these business chains?TASKS TO BE PERFORMEDUnder the guidance of a consultant and the direction of a senior manager, the intern will be tasked with performing part or all of the following activities:Study and model critical business processesAssess the security level of specialized IT products and infrastructuresConduct risk analysis of various chains and identify weaknesses

Join Wavestone as a Red Team Leader in the dynamic field of cybersecurity! In this pivotal role, you will lead a team dedicated to auditing and incident response. Your expertise will guide our clients in fortifying their defenses against cyber threats. As a leader, you will not only manage projects but also mentor and develop your team, ensuring they are equipped with the latest skills and knowledge.

Join Wavestone as a Senior Consultant or Manager specializing in Data for Digital Customer Experience. In this role, you will leverage your expertise to enhance customer interactions and drive data-driven strategies for our diverse clientele.Your responsibilities will include analyzing digital touchpoints, developing innovative solutions, and collaborating with cross-functional teams to implement effective customer engagement strategies. You will play a key role in shaping how our clients interact with their customers through digital platforms.

Veolia Environnement SA is looking for an enthusiastic Social and Digital Communication Officer (F/H) in Puteaux. This alternance position suits individuals who enjoy creative communication and want to support sustainable development projects. Role overview This role supports the team in shaping and carrying out digital communication strategies. The focus is on engaging audiences and sharing Veolia’s values through social media and digital channels. What you will do Assist with the design and rollout of digital communication plans Help manage and animate Veolia’s social media presence Engage with a range of stakeholders to promote the company’s brand and sustainability efforts What we look for Motivation and creativity in communication Interest in social media and digital content Desire to contribute to sustainable development initiatives

CONTEXTBoth companies and states are increasingly facing cybercriminal attacks that are growing in scale and complexity. Our clients are not only seeking protection against these attacks but also aiming to learn how to respond quickly and effectively.To meet this demand, crisis management exercises of varying scales are organized to test existing crisis management systems and associated processes through increasingly complex simulations:Initially simulating what are known as “classic” attacks such as data breaches and DDoS attacks on web services.Subsequently confronting crisis management teams with large-scale attacks reminiscent of NotPetya (ransomware) or the Bank of Bangladesh incident (an illicit transfer attempt of $981 million attributed to North Korea): massive data theft, destruction of company tools, fraud, and events causing international media impact.INTERNSHIP OBJECTIVEThe goal of this internship is to assist Wavestone in strengthening and enhancing the effectiveness of its methodologies and tools in crisis management and exercise design.This includes defining innovations that can be applied to existing methodologies for more effective practice in response to large-scale cyberattacks: innovative attack scenarios, tools for more realistic exercise facilitation, and interventions closely aligned with the real actions of cyber attackers.TASKS TO BE PERFORMEDUnder the guidance of a consultant and managed by a manager, the intern may be involved in carrying out part or all of the following tasks:Analysis of major attacks reported in the media or managed by CERT Wavestone and/or creating a sector overview;Identification of improvements to be made to Wavestone's crisis management offering, particularly in conducting exercises;Implementation of identified improvements, such as designing exercises based on real events observed and tools for project teams organizing large-scale exercises, developing pre-packaged exercises in a new format, and creating a crisis management maturity audit grid.

Wavestone is seeking a dynamic and skilled Manager to lead our Cyber Transformation and Compliance initiatives. In this pivotal role, you will oversee the development and implementation of robust cybersecurity strategies and compliance frameworks tailored to meet the evolving challenges of the digital landscape.Your responsibilities will include collaborating with cross-functional teams to assess current security measures, identify vulnerabilities, and design effective solutions that align with industry standards and regulatory requirements. You will play a critical role in enhancing our clients' security posture while ensuring compliance with relevant regulations.

Join Wavestone as a Senior Consultant in UX/UI Design, where you will play a pivotal role in enhancing digital customer experiences. Your expertise in design industrialization will drive innovative solutions that resonate with our clients’ needs. Collaborate with cross-functional teams to create user-centered designs that improve engagement and satisfaction.

CONTEXTData privacy, or the protection of personal data, has emerged as a critical concern for numerous companies, especially those offering online services to their clients and those whose digital strategy is heavily reliant on big data and digital marketing.The demand for customer data collection and the sharing of personal data across various departments (Sales, Customer Service, Digital, Marketing, etc.) and even with third parties is increasingly vital for attracting and retaining customers.The need to safeguard sensitive data—such as health information, lifestyle habits, and geolocation—has been amplified by the enforcement of the General Data Protection Regulation (GDPR) and the rise in data breaches (e.g., Equifax).While digital marketing practices are evolving, innovative usages are also developing, presenting numerous opportunities for B2C players, yet raising concerns among consumers and regulators. What solutions can best protect this data while enabling the implementation of new usages? Do Customer Identity & Access Management (CIAM) solutions today provide adequate responses to the regulatory requirements for personal data protection?INTERNSHIP OBJECTIVEThe goal of this internship is to assist Wavestone in maintaining its market presence by focusing on personal data protection within the customer relationship framework.Additionally, it involves analyzing the risks associated with digital marketing projects, big data, or any new digital usage surrounding data, and developing a set of best practices to mitigate data theft and comply with regulatory constraints.TASKS TO BE PERFORMEDUnder the guidance of a consultant and the supervision of a manager, the intern may be involved in performing some or all of the following tasks:Understanding marketing usages and formalizing them into user-friendly models;Mapping data flows and processing of personal data;Assessing privacy risks posed by innovative projects;Identifying the impacts of GDPR on identity and access management in customer relations;Market analysis to implement the pros and cons of CIAM solutions for regulatory compliance;Establishing golden rules for applying by the company...

CONTEXTIn response to the evolving digital threats and new regulations, the approach to IT security in large organizations is transforming, along with its governance.The digital transformation and new regulations have led to a suite of innovations, including new working methods (such as remote work, agility, DevOps) and new roles (such as chief data officer, data steward) leveraging advanced technologies that redefine how security is delivered (like machine learning, RPA).Furthermore, the digital transformation signals a significant paradigm shift. Information systems security (ISS) can no longer be viewed as it once was under a fortress model, where the perimeter is controlled and the interior is safe. New models, such as those of airports and airlines, appear more apt to reflect the future of ISS.INTERNSHIP OBJECTIVEThe aim of this internship is to identify the shifts in governance and methodologies related to security among our clients and to enhance Wavestone's expertise in this area. This will require an approach that considers all ongoing changes: the use of new tools, the production of new digital tools, the evolution of working methods, and the integration of new actors while maintaining a risk management perspective for ISS:How can ISS adapt to the increasingly rapid delivery methodologies (AGILE, SCRUM, DevOps)?How can emerging technologies (automation, etc.) be utilized to secure the IS?Will future security still be managed at the application level? Is a new data-centric security management model necessary?What impacts will this have on organizations?What interactions, roles, and responsibilities will exist with the new actors emerging from digital transformation?WORK TO BE COMPLETEDUnder the guidance of a consultant and the oversight of a manager, the intern will engage in some or all of the following tasks:Overview of current security activities and their delivery methods within clients of the firm;Analysis of future technological possibilities that could transform the execution of certain activities, including required skills and challenges;Study of various risk analysis methodologies (EBIOS, FAIR, etc.).