Senior Security Operations Engineer

Paris, 75, FR


ABOUT CFM


Founded in 1991, we are a global quantitative and systematic asset management firm applying a scientific approach to finance to develop alternative investment strategies that create value for our clients.
We value innovation, dedication, collaboration, and the ability to make an impact. Together, we create a stimulating environment for talented and passionate experts in research, technology, and business to explore new ideas and challenge existing assumptions.


Your Role


Join our Security team as a Senior Security Operations Engineer (SOC L3) and help strengthen our security posture across a hybrid environment (on‑prem and AWS).

Directly reporting to our Security Operations Lead, you will participate in CSIRT/CERT operations, lead advanced incident investigations, conduct threat hunting and forensic analysis, and continuously improve our detection and response capabilities.

You will also operate and evolve our security tooling (e.g., SIEM, SOAR, EDR, WAF, vulnerability management) and partner with technical teams to embed security by design through reviews and threat modeling.

You will partner closely with our IT teams to drive remediation and reliability.

Key Responsibilities


Security operations platform ownership
- Operate, maintain, and continuously improve security platforms (SIEM/SOAR, endpoint security, vulnerability management, web protection, email/security controls, secrets management, etc.).
- Ensure platform availability, performance, and resilience through upgrades/patching, configuration reviews, access controls, health checks, and periodic validation/testing.
- Improve telemetry quality: logging coverage, data onboarding/normalization, retention requirements, and integration reliability.


SOC L3 escalation, incident response & forensics
- Act as the SOC L3 escalation point for critical alerts and major incidents; lead advanced investigations and guide containment/eradication decisions.
- Deliver incident outputs: timeline, root-cause analysis, impact assessment, lessons learned, and actionable remediation recommendations.
- Continuously improve response readiness by refining playbooks/runbooks, tuning detection logic, and identifying automation opportunities.


Threat hunting & detection engineering
- Proactively hunt for threats across endpoints, cloud, and network telemetry.
- Convert findings into durable outcomes: new detections, improved alert fidelity, automated enrichment, and clearer triage guidance.


Security-by-design & technical assurance
- Serve as the security technical point of contact for projects and changes (on‑prem and AWS): define/validate security requirements and provide pragmatic architecture guidance.
- Conduct technical security reviews and threat modeling for applications, infrastructure, and cloud changes.
- Perform risk assessments for requests (e.g., new applications, integrations, browser extensions) and recommend controls.


External security activities
- Coordinate external security partners (penetration tests, vulnerability assessments, purple-team exercises): scope, rules of engagement, access coordination, scheduling, and tracking.
- Triage findings, prioritize remediation, and drive closure with internal stakeholders.

Your Skills


Must-Have

- Bachelor's degree in Computer Science, Information Security (or related), or equivalent professional experience.
- 5+ years in security operations / security engineering / incident response roles.
- Hands-on experience operating and improving a modern security stack (e.g., SIEM, SOAR, EDR, WAF, vulnerability management).
- Strong AWS security foundations (IAM, networking/VPC concepts, native controls, logging/monitoring strategy).
- Solid application security knowledge (AuthN/AuthZ, OWASP Top 10, API security, CSP concepts).
- Proven incident response experience: investigation, containment, eradication, RCA (forensic experience valued).
- Strong networking fundamentals (TCP/IP, HTTP/S, DNS, SMTP, SSH, TLS, firewalling) and ability to analyze logs/traffic.
- Ability to develop and maintain automation/scripts (Python required).
- Fluency in French and English.


Nice-to-Have

- Security certifications (e.g., CISSP, GCIA/GCIH, SIEM-related) or equivalent experience.
- Experience in regulated industries (healthcare/fintech/govtech).
- Comfortable working cross-functionally with Security, IT, Engineering, and Compliance.
- Familiarity with engineering workflows (Git-based collaboration, CI/CD concepts).


Note

- Remote work is permitted for up to two days per week.
- This position involves taking part in on-call responsibilities.


EQUAL OPPORTUNITIES STATEMENT


We are continuously striving to be an equal opportunity employer and we prohibit any discrimination based on sex, disability, origin, sexual orientation, gender identity, age, race, or religion. We believe that our diversity, breadth of experience, and multiple points of view are among the leading factors in our success.
CFM is a signatory of the Women Empowerment Principles.
