Head of Customer Cyber Defense (M/F/X)

1. EQUANS 

Equans is a world leader in the energy and services sector, with annual revenues of nearly €19,2 billion* and almost 800,000 projects.​ 

Equans has leading positions in Europe, which is the result of the history of energy construction in these countries, and strong presences in North and South America and in Oceania.​ 

With nearly 90,000 highly skilled employees, Equans has a strong geographic footprint, anchored by historic local brands. Equans provides its customers with excellent technical expertise in the design, installation, maintenance, and operation of multi-technical facilities. This know-how is based on key skills. First of all, in electrical and thermal engineering – two strong points that help accelerate the reduction of our clients’ carbon footprint – but also in ventilation, refrigeration, mechanics and robotics, fire protection, energy renovation, digital solutions, IT, cyber security and telecommunications.​ 

The combination of these expertises allows us to offer efficient and optimised solutions at all stages of the energy chain, from production, storage and transport to usage. 

(*) Turnover 2024 consolidated 

1. Head of Customer Cyber Defense (F/M) 

SUMMARY OF THE ROLE

Customer Cyber Defense (CCD) team, part of SLS Cyber Customer Trust (SLS CCT), is the OneITeam organization responsible for delivering detection (SOC), vulnerability management and incident response services for Equans-owned business systems (IT/OT) that support the delivery of services to Equans customers. 

Reporting to the SLS CCT Director, the Head of CCD manages the CCD team and is accountable for the delivery, quality and performance of CCD services end-to-end. The role includes people management, service strategy and capacity planning, and acts as the Service Delivery Manager (SDM) for the CCD scope, ensuring stakeholder synchronization, service reporting and governance. 

In addition to day-to-day service delivery, the Head of CCD is responsible for consolidating and scaling the CCD service line over a multi-year roadmap: structuring and growing the service offer, selecting and deploying the associated tooling, establishing the operating model and key processes (onboarding, run, reporting and continuous improvement), and embedding CCD “by design” into new hosting offers for business systems (Customer Landing Zones). The role works in close alignment with the SLS CCT Director and maintains direct exchanges with the Group CISO on strategy, priorities, risks and required investments. 

This position requires strong coordination with Business Units and their business teams, local security teams (CCT local teams), internal Cyberdefense functions, and cybersecurity solution providers/partners. 

KEY METRICS OF THE ENVIRONMENT 

• Hosting: Most of the IT are managed on Azure and AWS, new Customer Landing Zones (CLZ) to come to host business systems (projects, production, etc.). These Customer Landing Zones will be operated in Azure, AWS, GCP, and potential sovereign European CSP. 

• Teammates: 4,5 FTE in Customer Cyber Defense team (including the Head of CCD) at the beginning, potential for growth. 

KEY RESPONSIBILITIES 

The Head of CCD for Equans is in charge of managing the CCD team and organizing the delivery of the following activities for the Group: 

• Service delivery and quality: ensure CCD services are delivered end-to-end with consistent quality, predictable execution, and clear service outcomes for Equans-owned business systems. 

• Strategy: define and execute a multi-year strategy to consolidate, expand and mature the CCD service line (capabilities, coverage, service levels, reporting), in line with SLS priorities and Group expectations. 

• Service offering structuring: maintain and evolve the CCD service catalogue (scope, service packages, deliverables), ensuring the offer is understandable and scalable. 

• Tooling: identify, select and deploy the necessary tooling to scale CCD (SIEM, long-term and agnostic automation, OT scope), and ensure the tooling is effectively integrated and operated. 

• Operating model and processes: evolve the existing operating model into a scalable and repeatable “factory” model, improving processes and documentation to support increasing scope and demand (onboarding, run, remediation follow-up, continuous improvement, change management, etc.). 

• “CCD by design”: drive CCD integration into hosting offers for business systems (Customer Landing Zones, mainly in the Cloud) so that logging/telemetry, scanning readiness and operational prerequisites are embedded by default in new deployments. 

• People management: recruit, lead and develop the CCD team based on onboarding pipeline and strategic growth. 

• Stakeholder coordination and governance (SDM role): act as the Service Delivery Manager for CCD, synchronizing stakeholders (BUs, local CCT teams, Cyberdefense, providers), running governance, and maintaining strong service communication. 

• Performance management and reporting: define and track KPIs, produce service performance and quality reporting, prepare and animate operational and steering committees, and ensure corrective actions are identified, owned and closed. 

• Provider & partner management: drive partner governance to support CCD scale-up (tooling evolution, operating model industrialization, upgrade planning), ensuring service continuity and delivery quality. 

• Risk management & escalation: identify service risks and blockers, propose mitigation plans, and escalate strategically to the SLS CCT Director and to the Group CISO. 

PROFILE  

Academic background & Experience  

• Engineering degree (Master’s level or equivalent) in computer science, cybersecurity, information sciences, or a related field. 

• 10 years of experience in the cybersecurity field. 

• minimum 3 years of experience within a SOC, VOC, CSIRT, CERT or cyber defense services organization, ideally with leadership experience. 

• Proven people management experience (recruiting, coaching, developing talents) and ability to plan capacity and workload based on demand. 

• Strong project management skills, able to drive service evolution and tooling changes under constraints (cost, timeline, dependencies). 

• Experience leading the scale-up of a service in a multi-stakeholder environment, with the ability to transition from a foundational service to a mature and repeatable operating model is a strong advantage. 

• Cybersecurity certifications are a strong advantage. 

• Experience in a decentralized and/or international company or organization is a plus. 

Behavioral Capabilities​ 

• Strong leadership skills 

• Excellent problem-solving and analytical skills, with a structured and methodological approach to operations and escalations. 

• Ability to collaborate effectively across Business Units, local security teams, internal Cyberdefense functions and providers/partners. 

• Strong communication and interpersonal skills; able to engage and align both technical and non-technical stakeholders (committees, governance, reporting). 

• Ability to recruit, coach and develop junior staff. 

• Continuous improvement and industrialization mindset; interest and skills in developing task automation. 

• Strong ethics and discretion. 

• Fluent in English and willing to work in an international context; comfortable in a multicultural, distributed environment. 

• You have an excellent methodological approach to managing incident responses. 

Skills 

• Good knowledge of information security concepts and technologies. 

• Strong understanding of SOC operations and workflows (use cases, triage, escalation) and familiarity with common SOC tooling (SIEM/EDR/SOAR, case management). 

• Solid understanding of vulnerability management fundamentals (coverage, prioritization, remediation follow-up, reporting). 

• Very good knowledge of Internet, DNS, networking and network protocols in general 

• Ability to structure a service offer and translate strategy into execution (operating model, processes, KPIs, governance, tooling). 

• Strong time management and prioritization skills; ability to multi-task and drive execution in a fast-evolving environment. 

• Incident response and incident prevention. 

WHY JOIN US? 

Motivational environment 

Join a dynamic team of passionate professionals, actively involved in prestigious cybersecurity collaboration networks. Be part of a culture that values excellence, innovation, and mutual support. 

High impact 

Group CIO–sponsored initiative, regularly reported at Group Comex level: high visibility, strong impact, and direct alignment with the SLS CCT Director and the Group CISO. 

Platform in the making 

Be part of a broader build-out where multiple foundations evolve in parallel: business system hosting (Customer Landing Zones) and associated security services (e.g., remote access, password management), with CCD as a core monitoring capability. 

Scale-up mindset 

Scale up the new Customer Cyber Defense: increase coverage, mature service levels, and industrialize delivery. 

Team growth 

Build and scale the CCD team: recruit, coach and dimension capacity with demand, while setting strong operational standards and culture.