Security Engineer: Threat & Vulnerability Management Contrat : CDI

Référencée au sein de nombreux grands comptes en tant que fournisseur de prestation IT, Excel Management Conseil est une société de services en informatique existante depuis plus de 10 ans.

Riche d’une expérience significative en France et en Europe, notre groupe E.X.M.C se positionne en tant qu’acteur majeur sur le marché des sociétés de services en ingénierie informatique.

Nous intervenons à la fois sur des périmètres Métiers, Techniques et Opérationnels. Notre groupe affiche un effectif de plus de 300 collaborateurs disponibles et mobiles.

Nous sommes structuré autour de Quatre Pôles :

• Le Consulting et Assistance à Maîtrise d'Ouvrage (MOA, AMOA) dédié Banques, Finance, Assurances.
• L’ingénierie applicative (La maîtrise d'œuvre de projets informatiques (MOE), Ingénierie de développement, TMA, TRA, …)
• La production et les infrastructures (Ingénierie, Assistance Technique infogérance, architecture systèmes et réseaux, sécurité, cyber sécurité , Digital…)
• L’Informatique Décisionnelle et BIG DATA (Architecture(Avant-vente/POC/ Pilotage Projet) , Développement, Expertise (Hadoop,NoSQL, …))

The main mission of the Security Engineer Vulnerability and threat Management is to perform scans and reports using the Qualys Guard tool.
The service will be responsible for performing and scheduling compliance and vulnerability scans on network activity and infrastructure and generating reports to different teams (such as server admins, network administrators in order to mitigate scanned vulnerabilities).

The mission consists also of integrating and managing different assets in the Qualys Guard modules.

The service will do the following Internal :

• Ensure to update the full ip inventory in the Qualys/Tenable tool so that assets are not missed for scan.
• Ensure to scan all assets (assets in CMDB/Fileshares/AD etc) and identify vulnerabilties Scan assets to identify non declared assets in our asset management repository (CMDB - infra& network related assets)
• Create dashboard per countries ( we have around 20 countries in Partners) & provide us valuable risk information based on scans and present it to the stakeholders.
• Support IT Owners wherever required

• An information Security Certification is highly desired (CCNA R&S, CCNA Security, NSE4, PCCSA, MCSA, CEHv9/v10…or/and equivalent) Global technical vision of the main security tools / environments: PKI, SIEM, SOC, authentication, IPSEC, AD security, operating system security, Windows account security
• Expertise in managing data security programs like Password Vaulting, Privileged Access
• Management (Cyber Ark)
• Expertise in Identity Management concepts and processes including authorization, authentication, segregation of duties
• Expertise in best practices around data security
• Expertise using an ITSM tool such as ServiceNow
• Expertise in networking protocols and troubleshooting
• Expertise in hacking techniques, cyber threats and security trends
• At least 2 years’ Expertise in the cybersecurity industry
• Expertise in vulnerability management tools (e.g. Kenna, Nexpose, Tenable, Qualys, etc.)
• Hands-on Expertise with Qualys, a certification is a plus Work on maturing vulnerability management & Compliance program services and processes
• Develop and improve KPIs, metrics, and trend analysis for vulnerability management functions
• Take part of the implementation and operational best practices while taking ownership of tasks and/or project workstreams
• PowerShell and Python scripting expertise
• Coding expertise, such as HTML, CSS, Power Query and other languages