Under the responsibility of information technology, you will help improve the corporate security posture by participating in the implementation of appropriate technical and administrative controls. Depending on the needs, expertise and interest, the security specialist will be called upon to intervene in several aspects of the information security program, ranging from the definition of standards and policies to the development of security processes in through the choice of measures to put in place, the deployment of these measures and the measurement of their effectiveness. In addition, he will ensure that security risks are identified, rigorously measured and will be able to propose and implement adequate mitigation measures. He will rely on a wealth of considerable technological experience in order to play a security advisory role with technical stakeholders, with whom he will be called upon to work closely on a regular basis.
We are looking for versatile people with strong aptitudes for some or more of the following activities:
- Maintain and develop a security reference framework including underlying security policies, procedures, standards and guidelines.
- Support an organization in compliance with various normative and regulatory frameworks specific to the field of information security.
- Identify, assess and manage information security risk mitigation.
- Develop and maintain an enterprise security architecture.
- Act as a security advisor in the context of technological projects and write the relevant documentation.
- Develop, implement and optimize processes related to information security (e.g. identity and access management, vulnerability management, incident management, etc.).
- Participate in an information classification process and recommend appropriate protective measures.
- Establish and review continuity and recovery plans.
- Measure the effectiveness of control measures objectively and meaningfully.
- Perform administrative and technical audits.
- Perform penetration testing.
What we are looking for
- Good knowledge of the different levels and technical and administrative controls applicable to the concept of security in depth.
Good knowledge of trends and developments in the field of security.
- Knowledge of the various applicable normative and regulatory frameworks.
- Technical knowledge of the main hacking techniques.
- Knowledge of networking and cloud computing.
- Knowledge of Microsoft systems such as ATP, Office365, Active Directory, Exchange, Teams, SQL Server, SharePoint, SCCM, InTune.
- Practical experience with at least one of the main risk management methods.
- Practical experience in the installation, configuration or operation of various IT security tools (e.g. access management, perimeter management, intrusion detection, data protection, log management, etc.).
- Demonstrate versatility to perform different activities at different levels (strategic, tactical and operational).
- Demonstrate autonomy in the conduct of its projects.
- Be open by accepting constructive feedback.
- Be clear and concise in your communications through different channels.
- Demonstrate critical thinking by expressing your opinion and giving constructive feedback.
- Make projections, share your vision in the short, medium and long term.
- Willingly share knowledge and seek to acquire new ones.
- Relevant experience: 5 to 8 years of experience in an information security role.
- Language requirement: Bilingual (French and English);
- Education: Bachelor's degree in computer science or a related discipline
Any combination of relevant education/experience will be considered.
What we offer
Multisite and multidisciplinary teams
Dynamic and collaborative work environment
AGILE working methodology
Variety of social and sports activities
Charging stations for electric cars
Accessibility to public transport
Bike paths nearby
Annual bonus program