Cloud & Posture Security Lead Engineer

The Network and Operational Security Team maintains a globally distributed infrastructure of security components including Firewalls, VPNs, Web Proxies, WAF, and DNS Firewall, and support a network security infrastructure which assists in providing a secure operating environment for our business teams, partners, clients, and vendors to utilize in the execution of SCOR business interests.

Responsibilities

On a worldwide level and in conjunction with the IT Technical, Functional, and SOC / Cybersecurity Teams, the role is responsible for :

Operate day-to-day operations and maintain security systems

• Build, run and improve the network security public cloud environment 

• Develop automation scripts and tools to streamline deployment

• Work with the Software Factory / devops engineers to improve and maintain network related scripts.

• Be owner, maintain and develop the CNAPP solution.

• Support CNAPP users on their accesses, findings, issues. 

• Work with the Cloud Architecture team on policies, exceptions, improvements.

• Maintain in operational conditions the cloud environment and tools.

• Protect SCOR assets from potential threats 

• Qualify and response to discovered threats (SOC/M&C)

• Other duties as prescribed by management

• Permanent search for continuous improvement and systems reliability

• Intervention during project specification steps 

• Integration and validation of security solutions

Evolution & upgrade of tools :

• Permanent search for continuous improvement and systems reliability

• Intervention during project specification steps 

• Integration and validation of security solutions

• Documentation: Creation, maintenance, and redaction of technical documentation as requested by management

• Technical support and training

• Reporting of the activity and safety reports production

• Anomaly detection and treatment of incidents through appropriate action plans

• Ensure the implementation of processes and update information on your perimeter

Best practices & Monitoring:

• Define / update testing strategy
  • Define test categories
  • Define criteria to include features in test campaigns integration test, E2E test....
  • Continuously improve testing processes.
• Providing guidance and support to other team members regarding testing best practices.
• Coordination of test reporting and coordination of test status with central release management.
• Provide test metrics to Financial Production management and teams holding further improvements and next steps
• Monitoring and reporting on the progress and quality of testing activities.

• Improve our automated testing suites

  Planification:

• Participation in the planning concerning our Financial Production products evolutions.
• Advising and supporting our specialist departments in the preparation, implementation and evaluation of acceptance test.
• Define a test coverage roadmap and corresponding roll-out to our Financial Production products
• Participate/Collaborate with Financial Production teams to understand current requirements and implementation work to leverage on tailor made test case creation
• Participating in iteration planning to estimate the effort required for testing activities.

• Collaborating with developers, product owners, and other stakeholders to resolve any testing-related issues.

  Facilitation:

• Prepare and facilitate workshops with different teams and stakeholders including management

• Collaborating with the Agile teams to understand user stories and their acceptance criteria.
• Assist that user stories are testable and well-understood before implementation begins.

Exeprience

10 or more years of related work experience

Technical Skills

• Cloud: General knowledge of public clouds(mandatory:Azure. nice to know:Alibaba, GCP), knowledge of Azure networking (Virtual WAN, VPN Gateways, vNet peering, private/service endpoints, Load Balancing) - Certification AZ-700 is mandatory.

• Scripting/automation: IaC knowledge (Terraform, Azure DevOps, Gitlab, Python)

• Extensive knowledge of network protocols (minimum BGP and OSPF), especially within cloud environments.

• Knowledge of cloud security, including CNAPP solutions (WIZ, Orca). Understanding of CSPM is mandatory.

• Firewalls: Palo Alto Technologies, Tufin

• Proxy/URLF/CASB/DLP: Palo Alto, Microsoft

• Technical project management

• Communication skills

• Proactive

• Documentation

Appreciated:

• Firewalls: Palo Alto Technologies, Tufin

• Proxy/URLF/CASB/DLP: Palo Alto, Microsoft

Soft skills 

• Technical project management

• Communication skills

• Proactive

• Documentation