Senior Cybersecurity Consultant

**Description de l'entreprise**
Devoteam is an AI-driven tech consulting firm specialised in cloud platforms, cyber, data, and sustainability.

Tech native for almost 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value.

With over 11,000 tech architects in more than 25 countries across Europe, the Middle East, and Africa, Devoteam is committed to using technology to serve people.

**Description du poste**
As a Cybersecurity Consultant, you will play a key role in shaping secure solutions for our clients. You will be involved in client engagement, from presales to delivery, where you'll provide expert guidance, design robust security architectures, and implement critical controls. You'll also contribute to internal knowledge development, ensuring the team stay at the forefront of cybersecurity.

**Key Responsibilities**:
**_ Consulting & Advisory_**
- Participate in proposal development, solution design, and client presentations.

**_ Client Engagement & Communication_**
- Collaborate with technical and business stakeholders to understand client challenges and needs.
- Prepare and deliver security awareness sessions, technical and non-technical workshops, and clear documentation tailored to different audiences.
- Contribute to fostering a strong cybersecurity culture through training and knowledge sharing.

**_ Implementation & Delivery_**
- Assist in the design and implementation of cybersecurity controls, policies, and technical architectures.
- Collaborate with consultants and/or technical teams to support delivery in complex environments.
- Produce security deliverables including reports, technical assessments, and client-facing presentations.

**_ Internal Development_**
- Contribute to developing reusable toolkits, frameworks, and knowledge-sharing within the team.
- Keep current on cybersecurity threats tools and emerging technologies.

**Qualifications** Education and Experience**:

- Bachelor's or Master's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
- A minimum of **3 years** of experience in a cybersecurity-related role (consulting, internal security, or technical delivery).

**Technical Skills - Must Have**:

- Certifications such as Security+, Microsoft SC-900, AZ-500, AWS Security Specialty, Google Professional Cloud Security Engineer.
- Solid understanding of core security principles (CIA triad, Least privilege & Zero trust, Authentication & authorization basics)
- Proven experience in the following:

- ** Cloud Security**:

- From implementing to managing security controls in the Cloud, including identity management, secure configurations, and cloud-native security tools (e.g., DFC, AWS Security Hub).
- Ability to assess cloud environments for misconfigurations, enforce security policies, and support compliance initiatives in hybrid or multi-cloud setups.
- ** Identity Security** (Strong authentication, RBAC implementation, conditional/context aware access).
- ** Endpoint Security**:

- Deployment, monitoring, and policy tuning of endpoint protection platforms (e.g., Microsoft Defender for Endpoint, Cylance or SentinelOne).
- Endpoint security incident management (responding to alerts, and support incident investigations).
- ** Network Security**:

- Understanding of network protocols and troubleshooting of network issues.
- Familiar with firewalls, VPNs, IDS/IPS, network segmentation, and secure remote access for both cloud and on-premise environments.
- Reviewing firewall policies, VPN configurations, and IDS/IPS rules.
- Ability to architect and implement basic network segmentation and secure remote access strategies.
- ** Data Protection**:

- Exposure to DLP solutions, data classification tools (e.g., Microsoft Purview, Symantec DLP), encryption in transit and at rest.
- Familiar with data privacy requirements (e.g., GDPR) and able to support implementation of technical safeguards for personal and sensitive data.
- ** Security Monitoring & SIEM**:

- Exposure to security monitoring and incident management.
- Capable of addressing monitoring usecase requirements, tuning, performing correlation analysis, and supporting the early stages of incident response.
- Exposure to working with SIEM platforms (e.g., Microsoft Sentinel, Splunk or QRadar), including rule tuning, basic threat detection, and incident triage.
- ** Vulnerability Management**:

- Proficient in scoping and running scans, analyzing reports, and supporting remediation efforts using tools like Qualys, Nessus, or Rapid7.
- Experience tracking remediation progress and validate fixes.
- Fluent in French AND English with strong communication skills

**Technical Skills - Nice to Have**:

- Certifications such as CISSP, CCSP, ISO 27001 Implementer, or similar/related
- Experience in regulated environments (e.g., financial services, healthcare, critical infrastructure).

**Informations supplémentaires**
**Partner with a multi-awarded, Best Workplace