Hybrid mode (remote/onsite) or full remote
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 15% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 700 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets, including the famous Ledger hardware wallets line with more than 5 millions units already sold in 180 countries.
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Have a look at our Origins video here.
As a Senior Cyber Security Engineer, you will contribute to Ledger’s high ambitions in maintaining a five-star cyber security practice and standard, by designing, selecting, implementing and operating a wide variety of security toolsets across different environments, working closely with other tech teams. Autonomous and creative, you’ll join a small team and take ownership of your projects. This will be a challenging and rewarding position and a very technical and "hands-on" role.
• Design, select, test, configure, deploy, maintain, monitor and fine-tune security solutions (such as VAS, SIEM, EDR, IAM, WAF and ad-hoc tools) into the overall environment to prevent, detect and/or mitigate vulnerabilities and threats in collaboration with the other related teams and security experts.
• Develop automation to manage security tools and integrate security standards in workflows (Infrastructure-as-Code, SDLC…).
• Build and feed relevant KPIs, SLAs and reporting to meet business objectives.
• Provide deep technological expertise, guidance, recommendations and standards on security at different layers (networks, systems, Cloud, endpoints, applications…) in a hybrid environment (Cloud/Onsite).
• Ensure that business requirements are understood and adhered to as well as security risks and standards in new and existing infrastructure are properly understood and mitigated.
• Assist in response to due diligence and internal / external security audit requests.
• In-depth hands-on experience (min. 5 years) in Cyber Security, ideally including incident response and mitigation.
• In-depth and hands-on expertise in deploying, configuring and maintaining at least two (preferably more) security solutions among IAM/SSO, vulnerability assessment, SIEM, EDR, WAF, DLP, firewalls, IDS…
• Knowledge in system, network, DB and Cloud admin (Linux, TCP/IP, PGSQL, AWS..).
• Knowledge in web application security and SSDLC (OWASP, Git, CI/CD…). Developer and/or pentesting skills would be a good differentiator.
• Experience in scripting languages (Python, Shell), automation tools (Terraform, Ansible).
• Experience on leading complex and cross-team projects, in a fast-paced environment.
• Knowledge in at least one (preferably more) standards (ISO 27001, SOC2 and GDPR).
• Bachelor’s degree in information security or technology (certifications may be nice-to-have).
We are an equal opportunity employer for all without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.
#LI-RDP #LI-Hybrid
These companies are also recruiting for the position of “Cybersecurity”.