Cyber Security Expert (Cloud / Scripting)

Summary

Reporting to Americas Chief Information Security Officer (CISO) or Deputy CISO, we are seeking a highly skilled Cybersecurity Expert specializing in cloud security across Azure and AWS platforms, with strong expertise in scripting and automation for remediation and analysis. This role will focus on designing, implementing, and managing advanced security solutions for our cloud environments while leveraging scripting languages to streamline detection, response, and remediation processes. The ideal candidate will be well-versed in cloud-native security tools, have hands-on scripting experience, and demonstrate a proactive approach to safeguarding enterprise infrastructure from evolving cyber threats.

Description

Cloud Security (Azure/AWS)

1. Security Configuration Management:

• Continuously monitor and maintain cloud security configurations for Azure and AWS to ensure adherence to industry standards and best practices.
• Identify and remediate security misconfigurations in IAM roles, security groups, and network access control lists (ACLs).

2. Vulnerability Management and Patching:

• Perform regular vulnerability scans of cloud environments using tools like AWS Inspector, Azure Defender, Wiz, Tenable and Ivanti.
• Work with IT teams to remediate identified vulnerabilities, including patching operating systems, container images, and cloud-native applications.

3. Incident Handling and Response:

• Investigate, analyze, and resolve security alerts related to cloud environments, including unauthorized access attempts, misconfigurations, or policy violations.
• Coordinate with SOC and incident response teams to address cloud-specific incidents, such as credential leakage or suspicious activity.

4. Threat Monitoring and Logging:

• Manage and monitor logs from AWS CloudTrail, Azure Monitor, and other logging services to identify potential security incidents.
• Implement and maintain detection rules for cloud-based security threats in SIEM platform Azure Sentinel.

5. Access Control and Identity Management:

• Audit and maintain cloud identity and access policies, ensuring least privilege principles are applied across all environments.
• Regularly review and revoke unused permissions, orphaned roles, and inactive accounts.

6. Compliance Support and Reporting:

• Generate and maintain reports on cloud security posture for compliance with frameworks like CIS, NIST, and ISO 27001.
• Implement recommendations from audits and compliance assessments to strengthen cloud security.

7. Collaboration and Process Improvement:

• Work with cross-functional teams to streamline security processes for ongoing cloud operations.
• Provide input on cloud governance policies to reduce security risks in existing workflows.

Scripting and Automation

1. Automation for Security Operations:

• Develop scripts using Python, PowerShell, or Bash to automate cloud security monitoring, vulnerability detection, and remediation.
• Build Infrastructure as Code (IaC) templates with tools such as Terraform or CloudFormation to enforce secure configurations.

2. Incident Response and Forensics:

• Automate the identification and remediation of compromised resources using serverless functions (e.g., AWS Lambda, Azure Functions).
• Script and execute automated workflows for malware detection, log analysis, and threat intelligence correlation.

3. Custom Tools and Integrations:

• Develop custom scripts to integrate with third-party security tools (e.g., Azure, SIEMs, EDR platforms).
• Automate security alerts and notifications to improve response times and reduce false positives.

Requirements

Technical Skills

• Expert knowledge of Azure and/or AWS cloud security best practices and services.
• Proficiency in scripting languages: Python, PowerShell, Bash, or equivalent.
• Experience with cloud-native security tools.
• Knowledge in creating Sentinel queries for incident investigation.
• Experience with common information security management frameworks including NIST CSF, ISO 27001/27002, GDPR, CMMC, and CIS.
• Proficiency with security orchestration, automation, and response (SOAR) tools.

Soft Skills

• Excellent problem-solving and analytical skills.
• Strong communications skills to convey technical concepts to both technical and non-technical stakeholders.
• Ability to mentor junior team members in cyber security practices.
• Self-driven and ability to accept personal responsibility and accountability.
• Detail oriented and well organized.

Education/Experience

• Minimum of 5+ years in Cloud Security.
• Hands-on experience scripting for automation, remediation and analysis in production environments.
• BS/BA (with an IT focus) required or 15+ years of progressive Information Technology and Cybersecurity work experience in lieu of degree.
• 10+ years of progressive Information Technology and Cybersecurity work experience.
• Azure Security Engineer Associate, AWS Certified Security, CCSP, CCSK, GIAC Cloud Security, or other relevant cloud security certifications preferred.
• Highly proficiency with Microsoft O365 applications (MS Excel specifically).
• Good working knowledge of Power BI and SharePoint preferred.

Languages

• Level of spoken and written French: Advanced
• Level of spoken and written English: Proficient
• Spanish fluency a strong advantage

Key Attributes of an Ideal Candidate

• Strategic thinker with the ability to balance security, usability and business needs.
• Innovative thinker with a track record of leveraging automation to solve security challenges.
• Skilled in managing and mitigating risks in highly dynamic environments.
• Proactive and collaborative, with the ability to bridge gaps between security, IT, and DevOps teams.
• Experience working in global, enterprise-scale organizations with complex infrastructure.

Other Essential Abilities

• Ability to meet the highest attendance requirements.
• Ability to communicate effectively, both written and verbally.
• Ability to use a personal computer.
• Ability to handle multiple assignments on a timely basis with a high degree of accuracy.

Working Environment

The working environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is not exposed to weather conditions. The noise level in the work environment is usually moderate.

What Equans offers you

• Group insurance from your first day of work;
• A group pension plan;
• Balance between work and personal life;
• Professional and personal development in a company experiencing strong growth;
• A positive working environment characterized by competence, responsibility and innovation;
• Competitive terms of employment and excellent benefit schemes;
• A diverse workplace regarding gender, age and cultural background. We believe in the importance of diversity and inclusion.

Equal employment opportunity

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin.

Does this challenge interest you? We would like to get to know you and we thank everyone who applies.