Cyber Security Consultant
Our playground: the identification, authentication, and securing of people and objects.
Our areas of expertise: artificial intelligence, biometrics, cryptography, embedded systems and software and cyber security. Our promise: With our technology and innovations, only you can be yourself.
Our ambition: Imagine tomorrow and profoundly change the daily lives of citizens of all countries.
Our markets: civil identity (ID, passport), smart payment and telecom transactions, smart cards, public security and border security.
As a Cybersecurity expert, you will ensure the security of all components used in the company end-to-end large security systems: security of software application, of networks, of data and of IT infrastructure, as well as the security of the security systems themselves in the area of biometric digital identity provided to government customers.
You will work with all the Agile project teams of the center (scrum master, developers, testers, QA / integrators, PO) in the operational field but also with dedicated DevOps engineers, technical managers, system architects, project managers and team leaders on strengthening the cybersecurity of our systems during pre-sales projects, development, test & qualification and end user deployment.
You have a real expert role supporting different development-integration-test-deployment teams with following responsibilities:
In pre-sales phase:
- Define security rules for our integrated solutions (HW + SW + network + infrastructure) in pre-sales projects in accordance with customer specifications and optimizing their costs and performance.
In early development phase:
- Define, implement and apply security rules to code generation, SW architecture and
interface definition, upstream of the software development process, improving the
robustness of applications and their resistance to attacks.
Test, Qualification & Delivery phase:
- Provide technical guidance and answer technical questions for the project integration team on security purposes.
- Define and implement standardized CI / CD pipelines, ensuring that the appropriate security tools, to detect and remedy vulnerabilities, analyze the code deployed in our environments.
- Perform vulnerability analysis in accordance with the defined method and participate in the evolution of this method as part of continuous improvement
- Monitor the vulnerabilities of systems on its perimeter. Ensure compliance with the policy in terms of the vulnerability level.
- Qualify the “cybersecurity” of our biometric solutions and products developed by Romania engineering center.
- Capitalize with other DevOps engineers of different products on CI and CD pipelines including cybersecurity test and qualification.
- Prepare/complete security documentation during the design/development/integration/tests stages; establish security guidelines/procedures for operational systems.
- Monitor system vulnerabilities on his/her perimeter. Ensure the compliance with the BU policy in term of vulnerability level.
- Provide remedial recommendations adapted to the problems encountered and support the project teams in correcting the vulnerabilities identified.
- Carry out code / implementation reviews if necessary.
- Keep up to date with the latest security and technology developments.
- Research/evaluate emerging cybersecurity threats and ways to manage them.
- Plan for disaster recovery and create contingency plans in the event of any security breaches.
- Monitor for attacks, intrusions and unusual, unauthorized or illegal activity.
- Test and evaluate security products.
- Design new security systems or upgrade existing ones.
- Use advanced analytic tools to determine emerging threat patterns and vulnerabilities.
- Engage in ethical hacking, for example, simulating security breaches.
- Identify potential weaknesses and implement measures, such as firewalls and encryption.
- Investigate security alerts and provide incident response.
- Monitor identity and access management, including monitoring for abuse of permissions by authorized system users.
- Liaise with stakeholders in relation to cyber security issues and provide future recommendations.
- Generate reports for both technical and non-technical staff and stakeholders.
- Maintain an information security risk register and assist with internal and external audits relating to information security.
- Monitor and respond to ‘phishing’ emails and ‘pharming’ activity.
- Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues.
- Give advice and guidance to staff on issues such as spam and unwanted or malicious emails.
- At least Bachelor Degree in Computer Science or relevant discipline.
- Working experience in at least 2 of the following domains: System security/Network security/Data security/Application security/Cloud security.
- Proven 5 years’ experience as a Cybersecurity engineer.
- A real curiosity in the field of computer technologies applied to the information system.
- Leadership, with strong organizational, interpersonal and Strong communication skills.
- Spirit of analysis and synthesis.
- Liking working in an international context.
- Strong verbal and written skills in English, French would be a plus.
- Motivated by obtaining a result by providing a quality service (risk analysis / quality monitoring process – process of release of deliverables).
- Autonomous and have the sense of clear and synthetic reporting.
- Cross-training in Romania and abroad (France) and professional development opportunities.
- Take part of development of future strategic products: border controls, forensics… carry out by Romania SW engineering center.
- Join a multi-projects transversal organization to ensure DevSecOps expertise in Romania and abroad.
- Be cybersecurity technical leader for other Romanian DevOps engineers.