As a Senior Information Security Engineer, you will play a key role in building security and privacy by design in our information systems and products.
As part of the Information Security Service, you will collaborate with our IT and Software Engineering Departments to design, review, and audit security measures across a wide range of products and technologies. You will contribute to automating security processes and activities, identify and analyze new risks and vulnerabilities, and design effective remediation to improve our security posture. You will also contribute to the software engineers' security training, fostering a culture of security consciousness among employees and stakeholders.
Together with the other members of the IT Security team, you will contribute to making our Bank more secure and resilient, and to grow efficiently in an increasingly regulated industry.
We are looking for a seasoned Information Security professional who can leverage their expertise and thrive in a dynamic, fast-paced environment. If you are eager to embrace this challenge, we look forward to receiving your application.
Responsibilities
* Provide security advisory and guidelines to software engineering teams to elaborate, enforce, and monitor security controls and solutions.
* Perform risk assessments of new projects and support teams in applying mitigation measures.
* Design secure architectures and perform threat modelling.
* Contribute to security automation (SOAR, scripting recurring tasks).
* Review and improve our SDLC security based on known tools and standards (PCI SSD, OWASP, OpenSAMM).
* Contribute to elaborating security reports and dashboards.
* Coordinate with security testing providers and internal teams for penetration tests and vulnerability reports.
* Participate in our internal Red Team activities.
* Advise on technical solutions related to crypto custody services and participate in their elaboration.
* Participate in the due diligence process when onboarding a partner or technical solution.
* Operate and maintain HSMs and crypto custody solutions.
* Participate in security incident response activities.
Qualifications
Mandatory
* Minimum 5 years experience as Security Engineer, Architect, or similar roles.
* Ability to communicate and engage with various departments and teams.
* Excellent French and English communication skills, oral and written.
* Good command of scripting and programming languages (Python, PowerShell, Java).
* Knowledge of technologies and concepts such as SIEM, EDR, SOAR, Cloud, Networking, Windows, Linux.
* Solid analytical and critical thinking abilities.
Desired
* Bachelor or Master in Computer Science or similar.
* Experience with Kubernetes and Microsoft Azure.
* Experience with: Microsoft Defender XDR, Microsoft Sentinel, Elastic / Kibana, OpenCTI, Java.
Please note that if you are NOT a passport holder of the country for the vacancy you might need a work permit. Bank or payment details should not be provided when applying for a job. All applications should be made via the 'Apply now' button.
#J-18808-Ljbffr