Job description:

Being part of a trio to bring solutions to cybersecurity issues to the client.

• Act as a cybersecurity specialist in the design of cybersecurity solutions and platforms for the protection and monitoring of all client and partner assets. 
• Analyze requests for improvement of information security capabilities and controls submitted by business areas, IT and IS operational groups, compliance and enterprise risk management in order to determine the processes, tools and/or services to prioritize in our next blocks of deliverables (Aanning lncremental or A) of information security products;
• Define the functional and non-functional requirements of the products to be integrated or improved in the suite of tools and services supporting information security operations;
• Act as a security advisor to the procurement team for the acquisition process of professional services, products and/or services, such as defining evaluation criteria, validating supplier responses and negotiating the contract;
• Contribute to the security regulatory framework for the drafting of security directives, rules, standards and guides;
• Act as an expert and advisor in threat modeling, risk quantification and the identification of deficient information security controls in order to ensure their prioritization and planning in the security program;
• Provide a monitoring role in order to understand and anticipate trends and new developments in cybersecurity and emerging threats;
• Support the security governance team with the client's multiple stakeholders in defining their business needs and information security requirements.

Qualification

• BAC in computer science with a minimum of 3 years of experience or a DEC in computer techniques with a minimum of 5 years of experience or in any other related field or relevant experience.       
• 5+ years of hands-on experience in information security, including threat modeling and risk quantification
• 8+ years of hands-on experience in information technology, including the use of cloud services and infrastructures
• Capture and documentation of business needs, security requirements and acceptance criteria as part of a tender process
• Development and implementation of security solutions based on an industry-recognized control framework, including Azure and AWS cloud environments
• Concrete experience in using security frameworks, such as NIST CSF, NIST SP.800-53 and/or ISO 27001 in defining information security controls and capabilities
• Familiarity with Microsoft security platforms, tools and services, both office and cloud-based
• SAFe, Lean Agile experience
• Language: French 5/5