Security Engineer

As a Security Engineer, you will play a central role in ensuring the security and confidentiality of our infrastructures and products. Your key responsibilities will include:

Risk Management and Compliance

Identify and assess major security risks facing the company.
Develop a Risk Prevention Plan (DRP) and establish proactive security standards.
Oversee the security incident response process, including preparation, detection, response, recovery, and post-incident analysis to prevent recurrences.
Implement, among others, the ISO 27001 standard and ensure the company’s ongoing compliance with it.
Infrastructure Security and Maintenance

Strengthen and secure the IT infrastructure to protect the company’s and its clients’ data.
Monitor and maintain the infrastructure to ensure the availability, performance, security, and reliability of systems.
Collaborate with development teams to implement advanced cybersecurity solutions and ensure the resilience of the infrastructure against emerging threats.

Design and Implementation of Security Strategy

Develop and keep up-to-date the information systems security policy, aligned with the strategic needs of the company.
Work with the Manager to create the security roadmap, considering client requirements and the various teams.
Participate in evaluating the security of innovations added to our products.

Supplier Selection and Management

Evaluate and select technologies and suppliers to meet the company’s cybersecurity needs and present them to the Manager for approval.
Collaborate with managers to choose service providers, draft requests for proposals, and participate in the selection and contracting processes.

Technical Knowledge
Operating Systems: Expertise in Windows and Linux.
Networks: In-depth knowledge of networks (Fortigate firewalls, Cloudflare WAF, VPN, VLAN management, SDN) as well as network security (IDS/IPS, DDoS protection).
Cloud: Mastery of cloud infrastructures (ideally GCP) and cloud security solutions (IAM, encryption, access control).
Security: Expertise in cryptography, vulnerability management, and incident detection and response (SOC).
Microsoft 365 Security and Compliance Tools: In-depth knowledge of Microsoft 365 tools dedicated to security and compliance (e.g., Intune, Defender).
Compliance and Regulations: Good understanding of regulations such as GDPR and security standards (e.g., ISO 27001, NIS2).
DevSecOps: Integration of security practices into CI/CD pipelines and close collaboration with DevOps teams.
Your Profile
Confirmed experience of 4 years in a similar role.
Master’s degree in the field of Security of Systems and Networks.
Strong analytical and problem-solving skills with a proactive approach.
Ability to work in a team and communicate effectively, even on complex technical topics.
A security certification, such as CISSP, CISM, CEH, Google Professional Certification, or Fortinet, would be a plus.