Cybersecurity Expert (m/f/d)

Eviden is an Atos Group business with an annual revenue of circa € 5 billion and a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 55,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.

What Exactly Is This Job?

The ICT Cyber Security Expert is part of Information and Cyber Security team and is reporting to the Information and Cyber Security Manager with close link to Information and Cyber Security Governance and Cyber Security Operations team. 

He/she has a strong Cyber Security technical background and necessary soft and hard skills to help CUSTOMER enforcing Information and Cyber Security Governance strategy as well as the security controls. He/she is willing to work in a challenging environment and ensure Information and Cyber Security governance principles are followed by CUSTOMER, CUSTOMER suppliers and partners. 

The position is working with different ICT groups such as the business relation managers (BSMs), infrastructure, architecture, DevOps, and operations teams to provide them with Information and Cyber Security expertise. 

What Will I Be Responsible For?

• Support defined ICT Information Security Governance and contribute to its improvement. 
• Perform security risk assessments by analysing security risks and computing environments to determine threat, vulnerabilities and recommend safeguards to mitigate risk. 
• Lead/perform 3rd-party risk management activities (on acquisition of new services, regular risk assessments, etc.). 
• Lead and follow-up the remediations identified during security assessments (vulnerability scans, penetration tests, internal audits, etc.). 
• Participate in the drafting, implementation and optimization of information security policy and standards. 
• Be "force de proposition" in all aspects of Information Security: governance, processes, and technologies, this for continuous improvement. 
• Contribute to ICT projects by ensuring that security standards and requirements are defined as part of the deliverables. 
• Supports Information and Cyber Security team in ensuring cloud best practices and CUSTOMER cloud security guidelines are respected (with strong focus on O365, AWS and Azure). 
• Support the implementation of CUSTOMER Secure Software Development Life Cycle (SSDLC). 
• Reviews, proposes, and ensure best practices in BYOD services (with strong focus on Microsoft technology), this in a joint effort with other teams. 
• Reviews, proposes, and ensure best practices in OSINT/CTI services, this in a joint effort with other CUSTOMER teams. 
• Design and/or assist in the implementation of Information and Cyber Security solutions. 
• Provide technical studies, technical expertise, evaluate new products and technologies in relation with Information and Cyber Security, to protect against existing and emerging security threats. 
• Prepare reports and technical documentation for managers and users. 
• Supports Information and Cyber Security team in project management, change management and communication activities. 

What Skills You Should Possess

• Minimum of 10 years / professional experience in Information Security. 
• Excellent knowledge of industry-adopted security standards and best practices (e.g., OWASP, ISO 27001/2). 
• Excellent knowledge in Information Security Governance, Risk Assessments, etc. 
• Good knowledge of technologies, products and architectures used in the field of information systems security.  
• Good knowledge in the areas of Incident and Response Framework (NIST SP 800-61 Rev. 2), both in terms of policy, plan, and procedures. 
• Good knowledge in the areas of Internet and web application security. 
• Good understanding of how various systems interconnect with each other. 
• Experience in working with hardware and software systems, including OSs, databases, applications, and networks. 
• Experience in computer knowledge in the areas of messaging, corporate directories, system, network security. 
• Strong ability to work independently and possess good project management skills. 
• Strong ability to communicate with top management, local IT staff/management, partners, vendors, and consultants. 
• Multidisciplinary approach. 
• Ability to demonstrate pragmatism. 
• Abstract thinker. 
• Problem solving expertise. 

Education

• Bachelor's degree in a related area or equivalent work experience. 
• SANS Security Essentials (GSEC) or Cloud Security Essentials (GCLD), CSA Certificate of Cloud Security Knowledge (CCSK), ISO 27001 LI/LA, CISM, or CISSP certification is a plus. 
• Other security certification (e.g., AWS Certified Security, Azure/M365 Security Engineer) is a plus. 

Additional requirements

• English / Proficient 
• MS Office / Proficient 

Let’s grow together.