Role Overview
We are seeking three (Senior) Security Engineers to join our growing cybersecurity capability center. The engineers will focus primarily on offensive security, security testing, vulnerability management, continuous monitoring, and technical security assessments for global clients. This role is technical and hands-on, requiring strong expertise in penetration testing, threat detection, and modern cyber defense technologies.
Key Responsibilities
1. Offensive Security & Security Testing
- Conduct penetration tests on web, mobile, APIs, network, cloud, and infrastructure environments.
- Perform Red Team and Purple Team exercises, including adversary simulations and attack path validation.
- Execute configuration and hardening assessments based on CIS Benchmarks, NIST, and industry best practices.
- Document findings and recommendations with technical deep-dives and executive summaries.
2. Vulnerability Management (Full Lifecycle)
- Perform continuous vulnerability scanning, analysis, prioritization, and remediation tracking.
- Conduct root cause analysis and coordinate with client teams for patch validation, retest, and closure.
- Maintain vulnerability dashboards, metrics, SLA monitoring, and risk-based prioritization models.
3. Security Assessments (Technical, Compliance & Maturity)
- Conduct security posture reviews, maturity assessments, and gap analyses for clients.
- Perform risk assessments, technical control reviews, and compliance checks (ISO 27001, NIST, CIS, custom frameworks).
- Deliver reports, presentations, and remediation guidance to technical and business stakeholders.
4. Security Operations & Monitoring
- Support Security Incident Response, including triage, investigation, containment, and reporting.
- Perform phishing email analysis and response actions.
- Manage Threat Intelligence Services, including IOCs, threat feeds, enrichment, profiling, and reporting.
5. EDR, NDR & Cloud Monitoring
- Manage and optimize CrowdStrike & Microsoft EDR, NDR platforms, and endpoint policies.
- Conduct Cloud Security Monitoring (e.g., Wiz) and support threat detection use cases.
- Perform Active Directory Security Reviews (misconfigurations, exposures, alerts).
6. External Security Monitoring
- Use tools such as Shodan and BitSight for external attack surface monitoring.
- Track External Security Ratings (e.g., SecurityScorecard) and support remediation activities.
Required Skills & Qualifications
- Degree in Cybersecurity, Computer Science, Information Systems, or related discipline.
- 3-5 years of experience in cybersecurity engineering, SOC, or penetration testing (senior level may require 5+ years).
- Strong proficiency in penetration testing tools (Burp Suite, Nmap, Metasploit, Kali/Linux, etc.).
- Good understanding of EDR, SIEM, vulnerability scanners, and cloud security platforms.
- Knowledge of ISO 27001, NIST CSF, CIS, MITRE ATT&CK.
- Certifications preferred: OSCP, eJPT, CEH, Security+.
- Excellent interpersonal, communication, and negotiation skills for effective collaboration and follow-ups.
- Fluent in English and French (written and spoken).