This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
Summary of the role: Cybersecurity is part of Equans Group Core values. At Group level, the Governance, Risk and Compliance team provides a foundation of security policies, risk management practices, and compliance, cybersecurity awareness initiatives and third party risk management across Equans. Job Purpose: The Digital Operational IT Resilience Officer ensures our digital infrastructure can absorb, adapt to, and rapidly recover from severe operational disruptions. You will design, implement, and govern the organization's digital operational resilience framework. Your focus will shift our IT posture from pure defense to guaranteed business survival during cyberattacks, system outages, and third-party vendor failures.
Job Responsibility
Define the enterprise-wide Digital Operational Resilience strategy and policy framework
Align IT resilience capabilities with global standards (ISO 22301, ISO 27031, NIST)
Ensure strict compliance with regional regulations, including EU DORA and NIS2
Lead the design, maintenance, and execution of IT Disaster Recovery Plans (DRPs)
Conduct comprehensive Business Impact Analyses (BIA) to map critical assets
Define and enforce Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO)
Orchestrate rigorous, regular IT resilience testing, including tabletop and live-fire simulations
Coordinate Threat-Led Penetration Testing (TLPT) alongside internal and external red teams
Analyze testing outcomes to identify vulnerabilities, tracking remediation to closure
Assess the resilience capabilities of critical ICT third-party service providers
Audit vendor business continuity plans to eliminate single points of failure
Draft resilience, exit, and data-migration clauses into vendor service level agreements (SLAs)
Serve as a core member of the Intervention Management Team during major IT disruptions
Develop communication protocols for internal stakeholders, regulators, and clients during outages
Conduct post-incident reviews to convert operational failures into structural resilience updates
Requirements
Bachelor Degree in Computer Science, Cyber Security, Information Systems, or a related field
French level at Conversational level
5+ years of experience in IT Risk Management, Cybersecurity, or Disaster Recovery
Proven track record of implementing IT resilience programs
Strong understanding of enterprise architecture, network topology, and data replication
Excellent communication skills, with the ability to translate complex technical risks into business terms for C-suite executives