Cyber Security Engineer(F/H)

Hilti Published: December 16, 2022
Location
Paris, France
Job Type

Description

What's the role?

The Cyber ​​Security Engineer will be part of the Cyber ​​Security team consisting of employees and external partners for Hilti's Digital Marketing and Services unit.

Project scope includes E-commerce sites, collaboration apps, digital catalog and learning systems to help Hilti customers buy, engage, and learn about, and how to use, Hilti products.

The Cyber ​​Security Engineer influences both internal and external stakeholders at all levels in developing and depending secure systems for all Digital marketing platform applications.

  • Provide leadership in the Cyber ​​Security areas of: Vulnerability Scanning; 
  • Certificate and Password Policy Management; Data Analysis of security monitoring outputs; coordination of Remediation Patching; 
  • Analysis of threat landscape and advise development team on cyber risk and mitigation measures; and other daily Security and Compliance efforts.
  • You will work in close collaboration with Security Incident Responders, Cyber ​​Threat Intelligence Analysts and Cybersecurity Architects in the team and with colleagues in IT Operations to improve the overall security posture of Hilti.

What does the role involve?

Manage and enforce with security governance policy:

o Managing identify and access management through collaboration with Global IT managed Active Directory, AWS IAM

o Ensure that development team members have the least-privileged access that they can function day-to-day

o Audit of access logs for seeing patterns and possible violations. Create scripts or automation of audit checks

o Managing security policy for secure coding guidelines for the application development team. Responsibility includes managing, administering and enforcing security policies for tools like Secure Code Analysis and Dynamic Application Security Testing

Vulnerability management:

o Assists in penetration testing preparedness

o Managing and creating alerts for potential security incidence like looking at access errors, possible attacks and working with the API gateway and network team in transparency of errors across the data access path

Automation implementation for proactive security check:

o Container security verification, by ensuring the container to be deployed is check for security vulnerabilities, including dependency checks that might compromise the data access

o Automation of backup and restore.

o Ensuring all the logs are properly archived and can be used for future security incidence investigation

Network Segmentation and Data access protection:

o Implementation and management of network segment within the AWS clusters and its needed services. Also ensure the connectivity and access control to-and-from third-party providers, such as payment providers, are hardened, and properly validated.

o For secure data access, ensure the data has the proper rule and setup for integrity, availability, and confidentiality.

o Collaborate with the Global IT team in ensuring the data is properly backup with timely snapshots, encrypted at rest, and have proper access control

o Continuously Improved Application and System Security processes and Tools

o By subscribing to Common Vulnerability and Exposure database, we continuously monitor CVE that can affect application or systems and alert and collaborate with the rest of the Application Development and Dev Ops team for code and systems remediation and patching

o Collaborate with Hilti Information Security Office in improving security control policy and assists in security compliance certification

Additional duties, as assigned

What you need is:

  • Bachelor's degree in Computer Science, Computer Engineering or related field (or equivalent work experience
  • Minimum six (6) years combined experience in system or network engineering and cybersecurity
  • Good knowledge of security standards and cybersecurity frameworks (ie CIS, NIST, RFC2196)
  • Familiarity with the MITER framework
  • Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives
  • Ability to prepare security vulnerability and risk management reports for management.
  • Experience of managing and administering Security protection tools such as Web Application Firewall, Denial of Service protection
  • Working knowledge of Secure Code Analysis and Dynamic Application Security Testing tools
  • Scripting knowledge like shell scripting, Node.js, or python that can leverage API and automation tools in cloud provider
  • Knowledge of Linux / Unix patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)
  • Prior experience working with geographically distributed development teams
  • Exceptional organizational skills with strong attention to detail and follow-up
  • Excellent communication skills (verbal & written)

Who should apply?

We're investing more than ever in our digital transformation. As a company whose lifeblood is innovation, we give our customers the next level of digital offerings on an impressive global scale! For you, it means unrivaled opportunities to work in a start-up within' environment, develop an international career and really have an impact on the shape of things to come.

What do we offer?

To further accelerate in digital marketing, we are building our Global Digital Hub in Paris. You will experience the agile mentality of a start-up, combining the stability of a sound business model and the working environment of an award-winning culture.

You can make an impact from day one in an international and diverse team by shaping the future of digital at Hilti and revolutionize customer interactions.

WAS BIETEN WIR?

To further accelerate in digital marketing, we are building our Global Digital Hub in Paris. 

You will experience the agile mentality of a start-up, combining the stability of a sound business model and the working environment of an award-winning culture.

You can make an impact from day one in an international and diverse team by shaping the future of digital at Hilti and revolutionize customer interactions.

WAS SIE MITBRINGEN:

  • Bachelor's degree in Computer Science, Computer Engineering or related field (or equivalent work experience
  • Minimum six (6) years combined experience in system or network engineering and cybersecurity
  • Good knowledge of security standards and cybersecurity frameworks (ie CIS, NIST, RFC2196)
  • Familiarity with the MITER framework
  • Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives
  • Ability to prepare security vulnerability and risk management reports for management.
  • Experience of managing and administering Security protection tools such as Web Application Firewall, Denial of Service protection
  • Working knowledge of Secure Code Analysis and Dynamic Application Security Testing tools
  • Scripting knowledge like shell scripting, Node.js, or python that can leverage API and automation tools in cloud provider
  • Knowledge of Linux / Unix patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)
  • Prior experience working with geographically distributed development teams
  • Exceptional organizational skills with strong attention to detail and follow-up
  • Excellent communication skills (verbal & written)

Related Jobs

Scientific Lead   Barcelona, Spain
February 7, 2024