Security Engineer: Threat & Vulnerability Management (h/f) - Rabat

Entreprise :

Référencée au sein de nombreux grands comptes en tant que fournisseur de prestation IT,  Excel Management Conseil est une société de services en informatique existante depuis plus de 10 ans.

Riche d’une expérience significative en France et en Europe, notre groupe E.X.M.C se positionne en tant qu’acteur majeur sur le marché des sociétés de services en ingénierie informatique.

Nous intervenons à la fois sur des périmètres  Métiers, Techniques et Opérationnels. Notre groupe affiche un effectif de plus de 300 collaborateurs disponibles et mobiles.

Nous sommes structuré autour de Quatre Pôles :

• Le Consulting et Assistance à Maîtrise d'Ouvrage (MOA, AMOA) dédié Banques, Finance, Assurances.
• L’ingénierie applicative (La maîtrise d'œuvre de projets informatiques (MOE), Ingénierie de développement, TMA, TRA, …)
• La production et les infrastructures  (Ingénierie, Assistance Technique infogérance, architecture systèmes et réseaux, sécurité, cyber sécurité , Digital…)
• L’Informatique Décisionnelle et  BIG DATA (Architecture(Avant-vente/POC/ Pilotage Projet) , Développement, Expertise (Hadoop,NoSQL, …))

Poste :

To support our business strategy and digital transformation, It’s setting up a new information security practice to ensure a coordinated response to the increasing threat of cybersecurity, enabling consistent decision-making across the organization.
Our vision of information security is to protect our stakeholders by securing our information resources, managing our cyber risks and enabling effective and efficient business strategies that are fully sponsored by executives and supported by all employees.
Missions principales :
The main mission of the Security Engineer Vulnerability and threat Management is to perform scans and reports using the Qualys Guard tool.
You’ll be responsible of performing and scheduling compliance and vulnerability scans on network activity and infrastructure and generating reports to different teams (such as server admins, network administrators in order to mitigate scanned vulnerabilities).
The role consists also of integrating and managing different assets in the Qualys Guard modules.
Security Management:
• Conduct vulnerability scanning and assessment functions related to various clients, environments, technologies, systems and appliances
• Coordinate effectively with representatives of different Business Units and technology specialists
• Integrate and manage assets in Qualys
• Effectively communicate security vulnerabilities and risks to issue owners and assist in remediation efforts
• Govern and enforce cybersecurity policies and vulnerability remediation deadlines
• Develop and maintain executive dashboards and/or regular reports to communicate department-specific cybersecurity risks and threats
Reporting Service:
• Provide a monthly/Weekly analysis of common vulnerabilities and compliance issues
• Produce a periodic dashboard demonstrating remediation progress and cases’ status

Profil recherché :

Compétences requises
• Global technical vision of the main security tools / environments:
PKI, SIEM, SOC, authentication, IPSEC, AD security, operating system security, Windows account security
• Experience managing data security programs like Password Vaulting, Privileged Access Management (Cyber Ark)
• Experience with Identity Management concepts and processes including authorization, authentication, segregation of duties
• Knowledge of best practices around data security
• Experience using an ITSM tool such as ServiceNow
• Strong fundamentals in networking protocols and troubleshooting
• Knowledge of hacking techniques, cyber threats and security trends
• At least 2 years’ experience in the cybersecurity industry
• Experience with vulnerability management tools (e.g. Kenna, Nexpose, Tenable, Qualys, etc.)
• Hands-on experience with Qualys, a certification is a plus
• Work on maturing vulnerability management & Compliance program services and processes
• Develop and improve KPIs, metrics, and trend analysis for vulnerability management functions
• Take part of the implementation and operational best practices while taking ownership of tasks and/or project workstreams
• PowerShell and Python scripting skills
• Coding skills, such as HTML, CSS, Power Query and other languages
• Analytical thinking, time management and coordination skills
• Fluent English (Very important)

Education
• Minimum Bac+5 in Networks and Security.
Certification
• An information Security Certification is highly desired (CCNA R&S, CCNA Security, NSE4, PCCSA, MCSA, CEHv9/v10…or/and equivalent)
Work Ethics
• Due to the sensitive nature of the task, the role holder must have a demonstrated high level of work ethics, secrecy and discretion. A background check will be performed.

Adresse de notre siège :

Traits de personnalité souhaités :

Organisation Besoin d'autonomie Rationalisme Volonté de persuasion