
Head of Active Defense Engineering (M/F)

Requisition ID: 65291

Domain: Digital and IT/Cybersecurity

Contract type: Permanent

Schedule:


As part of its new organization and the global challenges facing Equans in the field of cybersecurity, the SLS Cyberdefense of Equans is looking for:

Head of Active Defense Engineering (M/F)
Position based in La Défense (92)

Reporting to the SLS Cyber Defense Director, you will be responsible for managing the Active Defense team, whose role is to carry out threat anticipation missions, detect and prioritize vulnerabilities, collect information for detection and forensic purposes, be a key stakeholder in our detection capabilities and act as technical lead on cyberdefense engineering for the SLS and Equans.

You oversee threat anticipation by maintaining, developing and improving the logging infrastructure and tools and by participating in the collection plan in close collaboration with CSIRT. You will be responsible for the current log collection infrastructures, for extending detection coverage and for integrating new business and technological areas into our supervision capabilities.

In charge of vulnerability management for Equans, you prioritize the remediation plan for Equans BUs. You communicate directly with Business Units to complete detection coverage and contribute to the SLS Cyberdefense knowledge database. You discover, inventory and test the external attack surface, so that possible attack paths can be closed before an attacker exploits them.

You oversee red and purple team activities and manage penetration testing campaigns using offensive tooling. The results of these activities are used to improve our Cyberdefense capabilities and build remediation plans. You operate and maintain the Cyberdefense infrastructure to ensure CSIRT capabilities and SLS Cyberdefense resilience in the face of a cyber crisis.

As a Cyberdefense manager, you actively participate in internal and external cybersecurity communities and working groups. You take responsibility for important cybersecurity projects and take part in crisis management at Equans group level.

Your main tasks and activities will be to:

  • Detection Engineering:
    • Manage perimetric and internal network detection, in collaboration with CSIRT.
    • Optimize log collection, maintain SIEM, extend current collections. Ensure their completeness and quality for detection and forensic purposes.
    • Propose new collection sources. Define audit policies for Business Units.
    • Meet with BUs to discover and cover the perimeters to be supervised, and collaborate with CSIRT on defining the collection plan and on effective supervision.
    • Produce reports on the status of data collection.
  • Vulnerability Management and Compliance:
    • Discover and prioritize vulnerabilities for the Group and monitor their remediation.
  • Offensive Security:
    • Organize and carry out offensive operations with (purple) and without (red) CSIRT collaboration.
    • Carry out internal scan campaigns.
    • Configure and operate offensive tools: Breach & Attack Simulation, honeynets…
  • Infra & Tooling:
    • Maintain and develop the tooling infrastructure and tools for the entire Cyberdefense SLS.
    • Ensure the resilience of the SLS.
    • Produce dashboards and documentation.
  • EASM:
    • Discover Equans’ entire external attack surface, test systems that could potentially give an attacker access to Equans’ IS, and have any vulnerabilities corrected.
  • Peer connection:
    • Participate in internal and external communities.
    • Participate in large-scale incident response and cyber crises.
    • Actively collaborate on important cyber defense projects.
  • In conjunction with Equans internal teams and partner teams:
    • Lead, with internal teams and external service providers, the projects to expand the detection perimeter across network, cloud, systems, mobile environments…
    • Propose and follow up on the services related to maintaining the CSIRT infrastructure in operational and secure condition.
    • Manage service providers operationally.
    • You have significant experience in the security operations field and in network and cloud environments: AWS and Azure.
    • You design solutions based on security-by-design and privacy-by-design principles. You create and continuously improve architectural models and develop appropriate architectural documentation and specifications. You coordinate the secure development, integration and maintenance of cybersecurity components in line with standards and other related requirements.

Your profile:

  • You have significant experience, or at least 5 years of experience, in SOC build and/or cybersecurity engineering management.
  • You have strong experience in SOC architecture (design / implementation) and related SOC organizational processes.
  • You have a higher education degree (an engineering degree in cybersecurity or a master’s degree in computer science and networks) or proven experience in cybersecurity architecture.
  • You build resilience against points of failure across the SLS Cyberdefense.
  • You communicate, present and report to relevant stakeholders.
  • You are curious, rigorous and eager to take on challenges.
  • You have leadership skills and are able to unite and create synergies between Cyberdefense teams and between Equans Cyberdefense and Business entities.
  • Experience in a decentralized and/or international company or organization is a plus.
  • You have a sense of ethics, and you show discretion.
  • Fluent and professional English is mandatory as you will lead security operations in Europe and internationally.
  • You may be required to travel within the Equans perimeter.
  • Cybersecurity and engineering certifications are appreciated.