Job Description:
* Steer the VEP (Vulnerability Emergency Process) for all AHG, including Customer centers, within the scope of the SoW. This includes proposing improvements and coordinating activities. Additionally, support other Work Packages as needed, such as pentesting and proof of concept (POC) on new tools or threats.
* Manage the VEP process, ensuring proper follow-up for all AHG entities involved.
* Perform security technical analysis, including pentests and risk assessments for new and existing solutions.
* Assist in automating EIIS, managing tools like Ansible, containers, and other security-related tools.
* Support the AHE IM Security Team with tasks related to the SoW.
* Most critical problems that arise regularly:
o Monitor and track security threats applicable to AHG from various sources.
o Assess the impact of new threats by checking inventories or testing POCs.
o Act as the focal point for the VEP process, ensuring proper documentation and steering.
* Key decisions:
o Determine which threats should be registered and escalated as needed.
o Maintain a trusted source of security alerts, updating it based on experience.
o Propose new tools to improve security processes.
* Outputs:
o Tickets in VEP and SEM systems.
o Monthly KPIs for all Work Packages within the scope of the SoW.
o System documentation, user guidelines, and training materials.
o Meeting minutes for all steering meetings with AHG.
o Reports on the applicability of tests and POCs for identified threats.
* Key Competences:
o Knowledge of IM Security practices, especially vulnerabilities and Zero Days.
o Strong IT Security mindset, familiar with best practices and security guidelines.
o Proven pentesting skills through certifications or CTF participation.
o English proficiency at a medium level (reading technical documentation, communicating with colleagues, participating in meetings).
o Degree in Computer Engineering or related field, preferably with cybersecurity specialization.
o At least one year of experience for young engineers, or entry-level with cybersecurity specialization.
This role requires awareness of potential compliance risks and a commitment to act with integrity, supporting the company's success, reputation, and sustainable growth.
#J-18808-Ljbffr