Cybersecurity Engineer

• Implement and manage event log management and analytics platforms, including Splunk Enterprise and Cribl Stream Enterprise.
• Implement and operate cybersecurity solutions across the organization, including endpoint protection, PKI, encryption services, log management platforms, and security assurance tools. Proactively monitor systems to detect and respond to security events.
• Operate and maintain incident management and response tools, deployed as containers in HashiCorp Nomad.
• Respond to security incidents with full technical analysis, remediation, and recovery to restore normal business operations as quickly as possible.
• Manage changes in a structured and controlled manner, ensuring minimal disruption.
• Regularly review, update, and optimize all cybersecurity solutions under your responsibility.
• Contribute to all aspects of cybersecurity design, deployment, and operation under the guidance of the Head of Service
• Develop scripts and automation tools to improve operational efficiency and streamline security processes. Conduct threat hunting, execute investigative scripts, analyze results, and escalate or remediate identified threats.
• Continuously assess and enhance cyber defense capabilities, ensuring the organization's security posture evolves with emerging threats.

Documentation:

• Draft design documentation for implemented solutions.
• Develop and maintain standard operating procedures (SOPs) and technical guidelines.

Collaboration and Communication:

• Work closely with management and other ICT operations teams (network, datacenter, applications) to ensure proper and timely implementation of solutions.
• Support ICT product owners and teams in designing secure architectures and configurations. Provide input for security policies, standards, and guidelines. Act as the point of contact for evaluating and recommending appropriate security solutions.
• Ensure cross-team requirements are considered in all cybersecurity initiatives.
• Escalate potential issues that could reduce organizational cybersecurity or hinder solution deployment.

• Master's degree in Computer Science, Cybersecurity, or a related field and minimum 6 years of relevant professional experience
• Three years operational and technical experience in cyber-defense, including deployment and operation of a SOC, CSIRT, security assessment platforms, or technical security infrastructure (PKI, endpoints, etc.).
• Two years experience as a team or technical lead for major security-related projects.
• At least one recognized ICT Security professional certification
• Proficiency with log management and SIEM solutions (Splunk, Cribl).
• Expertise in security architecture and design of cybersecurity solutions.
• Strong understanding of network concepts and associated security technologies, including: Internet/Intranet/Extranet, authentication systems, firewalls, proxies, IDS/IPS, email gateways, IP security, remote access control.
• Windows Security: workstation and server hardening, Active Directory management, log collection and processing.
• Linux Security: server/workstation hardening, monitoring, and log processing.
• Cloud Security: familiarity with Microsoft cloud environments (Sentinel, EntraID, Defender) and AWS cloud environments (GuardDuty, Security Hub).
• Very good knowledge of both written and oral English
• Good command of French is an asset