Senior Cybersecurity Consultant

Devoteam is an AI-driven tech consulting firm specialised in cloud platforms, cyber, data, and sustainability. Tech native for almost 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value.

With over 11,000 tech architects in more than 25 countries across Europe, the Middle East, and Africa, Devoteam is committed to using technology to serve people.

As a Senior Cybersecurity Consultant, you will play a key role in shaping secure solutions for our clients. You will be involved in client engagement, where you'll provide guidance, design robust security architectures, and implement critical controls. You'll also contribute to internal knowledge development.
We're on the lookout for someone comfortable in at least two of the areas listed below (Qualifications) and have exposure or willingness to grow in the others.

**Key responsibilities**:

- Assist in the design and implementation of cybersecurity controls, policies, and technical architectures;
- Collaborate with technical and business stakeholders to understand client challenges and needs to support delivery in complex environments;
- Prepare and deliver security awareness sessions, technical and non-technical workshops, reports, and clear documentation tailored to different audiences;
- Contribute to developing reusable toolkits, frameworks, and knowledge-sharing within the team;
- Keep current on cybersecurity threats tools and emerging technologies.

- Bachelor's or Master's degree in Information Technology, Cybersecurity, Computer Science, or a related field;
- A minimum of **3 years**of experience in a cybersecurity-related role (consulting, internal security, technical delivery).
- Certifications such as Security+, Microsoft SC-900, AZ-500, AWS Security Specialty, Google Professional Cloud Security Engineer.
- Solid understanding of core security principles (CIA triad, Least privilege & Zero trust, Authentication & authorization basics)
- **Proficiency in at least two of the domains below, with exposure to the others**:

- **Cloud Security**:

- From implementing to managing security controls in the Cloud, including identity management, secure configurations, and cloud-native security tools (e.g., DFC, AWS Security Hub).
- Ability to assess cloud environments for misconfigurations, enforce security policies, and support compliance initiatives in hybrid or multi-cloud setups.

**Identity Security**(Strong authentication, RBAC implementation, conditional/context aware access).
- **Endpoint Security**:

- Deployment, monitoring, and policy tuning of endpoint protection platforms (e.g., Microsoft Defender for Endpoint, Cylance or SentinelOne).
- Endpoint security incident management (responding to alerts, and support incident investigations).

**Network Security**:

- Understanding of network protocols and troubleshooting of network issues.
- Familiar with firewalls, VPNs, IDS/IPS, network segmentation, and secure remote access for both cloud and on-premise environments.
- Reviewing firewall policies, VPN configurations, and IDS/IPS rules.
- Ability to architect and implement basic network segmentation and secure remote access strategies.

**Data Protection**:

- Exposure to DLP solutions, data classification tools (e.g., Microsoft Purview, Symantec DLP), encryption in transit and at rest.
- Familiar with data privacy requirements (e.g., GDPR) and able to support implementation of technical safeguards for personal and sensitive data.

**Security Monitoring & SIEM**:

- Exposure to security monitoring and incident management.
- Capable of addressing monitoring usecase requirements, tuning, performing correlation analysis, and supporting the early stages of incident response.
- Exposure to working with SIEM platforms (e.g., Microsoft Sentinel, Splunk or QRadar), including rule tuning, basic threat detection, and incident triage.

**Vulnerability Management**:

- Proficient in scoping and running scans, analyzing reports, and supporting remediation efforts using tools like Qualys, Nessus, or Rapid7.
- Experience tracking remediation progress and validate fixes. - Fluent in French AND English with strong communication skills

**Nice to Have**:

- Certifications such as CISSP, CCSP, ISO 27001 Implementer, or similar/related
- Experience in regulated environments (e.g., financial services, healthcare, critical infrastructure).
- **Partner with a multi-awarded, Best Workplace & premium consulting company in Luxembourg.**Devoteam Luxembourg offers a vibrant work culture that promotes innovation, knowledge sharing, and continuous learning. When you join our team, you will enjoy:

- **Continuous Growth.**Surf with the latest trends, top experts, and extensive growth opportunities through mentoring, strong cloud partnerships (Microsoft, ServiceNow,..), local Training Center, certifications programs, unlimited access to Udemy and our Power Skills Academy;
- **Be part of something bigger**. Work for a company that values so