Senior Security Engineer

As a Senior information Security Engineer you will play a key role in building security and privacy by design in our information systems and products.

As part of the Information Security Service you will collaborate with our IT and Software Engineering Departments to design review and audit security measures across a wide range of products and technologies and you will contribute to automating security processes and activities. You will be responsible to identify and analyze new risks and vulnerabilities and to design effective remediation to improve our security posture. You will also contribute to the software engineers security training fostering a culture of security consciousness among employees and stakeholders.

Together with the other members of the IT Security team you will contribute to make our Bank more secure and resilient and to grow efficiently in an increasingly regulated industry. 

We are looking for a seasoned Information Security professional who can leverage their expertise and thrive in a dynamic fast-paced environment. If you are eager to embrace this challenge we look forward to receiving your application.

• Provide security advisory and guidelines to software engineering teams to elaborate enforce and monitor security controls and solutions.
• Perform risk assessments of new projects and support teams in applying mitigation measures.
• Design secure architectures and perform threat modelling.
• Contribute to security automation (SOAR scripting recurring tasks).
• Review and improve our SDLC security based on known tools and standards (PCI SSD OWASP OpenSAMM)
• Contribute to elaborating security reports and dashboards.
• Coordinate with security testing providers and internal teams for penetration tests and vulnerability reports.
• Participate to our internal Red Team activities.
• Advise on technical solutions related to crypto custody services and participate in their elaboration.
• Participate in due diligence process when onboarding a partner or technical solution.
• Operate and maintain HSMs and crypto custody solutions.
• Participate to security incident response activities.

Qualifications :

Mandatory

• Minimum 5 years experience as Security Engineer Architect or similar roles
• Ability to communicate and engage with various departments and teams
• Excellent French and English communication skills oral and written
• Good command of scripting and programming languages (Python PowerShell Java)
• Knowledge of technologies and concepts such as SIEM EDR SOAR Cloud Networking Windows Linux
• Solid analytical and critical thinking abilities

Desired

• Bachelor or Master in Computer Science or similar
• Experience with Kubernetes and Microsoft Azure
• Experience with: Microsoft Defender XDR Microsoft Sentinel Elastic / Kibana OpenCTI Java

Additional Information :

SQ2

Remote Work :

No

Employment Type :

Full-time