Cybersecurity Engineer

Pour l'un de nos clients, nous recherchons un Cybersecurity Engineer.

Overall Job Description:
The Security and Compliance engineer holds a critical position, ensuring that our corporate information systems not only comply with but also excel beyond the standards such as CMMI and ISO.
This role demands a sophisticated blend of compliance oversight coupled with a robust technical skill set in planning, prototyping, engineering, implementing, operating, and monitoring complex information systems.
The engineer will ensure systems' security, enhance operational efficiency, and guarantee adherence to necessary regulatory compliance standards, with a particular emphasis on cloud solutions.

Activities:
• Good knowledge of compliance standards: spearhead compliance projects to certify that all corporate information systems meet or exceed these benchmarks.

Assessment and Management:
• Conduct thorough risk assessments to identify potential security threats and vulnerabilities within the organization's IT environment.
• Develop and maintain a risk management framework to evaluate and prioritize security risks.
• Propose and implement risk mitigation strategies to reduce the organization's risk exposure.

Policy and Compliance:
• Ensure compliance with industry standards, regulations, and best practices such as ISO 27001, eBios, NIST, GDPR.
• Develop and enforce security policies, procedures, and guidelines to safeguard the organization's information assets.
• Monitor compliance with security policies and procedures and address any deviations.

Security Solutions Implementation:
• Evaluate and recommend new security technologies and tools to enhance the organization’s security posture.
Communication
• Provide security-related guidance and training to employees, fostering a culture of security awareness.
• Knowledge sharing and mentorship: Offer expert advice and training to team members and stakeholders on compliance standards, best practices in system security, and technical procedures, including those related to cloud security solutions. Ensure all team members possess the necessary knowledge and skills to support compliance and security efforts effectively.

#CYBERSECURITY #ISO27001 #NIST #GDPR #SECURITY #RISK

Professional Skills:

• 2 years of experience in multiple IT areas and working in security design functions.

• Cybersecurity knowledge and experience is required.

• Cloud- certification or proven expertise in AWS security solutions are a plus.

• Advanced Cybersecurity Certification (e.g. CISSP, CISM, or equivalent) is a  differentiator.

• Very good understanding of network security concepts

• Excellent understanding of authentication and authorization mechanisms and  protocols

• Cryptography and latest cryptographic standards, including PKI

• Working knowledge of the OWASP Top 10

• Full-stack knowledge of IT infrastructure:

o Applications

o Databases

o Operating systems — Windows, Unix, and Linux

o IP networks — WAN and LAN

o Knowledge of DevSecOps

o Knowledge of API Architectures

Soft skills:

• Ability to work and communicate in a multi-cultural environment.

• Service-oriented mindset.

• Ability to communicate in writing and verbally in a clear and concise manner.

• Initiative, accuracy, and attention to detail

• Fluency in English (written and spoken) is essential. Any other European language is  a plus.

Other requirements:

• EU Security clearance is a plus

• EU citizenship