Agent de Sécurité assurant la sécurité des usagers du réseau de transport TBM. Rattaché au Manager de Proximité Sûreté, garantissant la qualité de service public de transport en commun.
About the role
- Senior Security Engineer ensuring data security and integrity in cloud environments at Docebo. Collaborating across teams to protect company assets while enhancing user experience.
Responsibilities
- Security Measures and Tools Management: guide and deliver the installation, configuration, and management of security tools for safeguarding systems and data. Continuously monitor and adjust security measures for optimal protection. Lead security initiatives to strengthen and enhance Docebo's cybersecurity posture.
- Cloud Security Solutions: collaborate with Cloud Infrastructure & Operations teams to design and maintain robust security solutions for cloud environments. Define the strategy and update solutions to address evolving threats. Define and oversee the optimal account structure following best practices.
- Endpoint and Email Security Management: deploy and manage security measures on endpoints and email systems to prevent unauthorized access and threats. Implement policies to enhance email security and reduce email-borne risks.
- Incident Response and Analysis: Coordinate and lead the investigation of security incidents to determine causes, impacts, and potential exposure of sensitive data (e.g. PII, credentials). Perform Root Cause Analysis (RCA) to prevent recurrence, leveraging automation, AI, and threat intelligence where possible; taking responsibility for following up with internal and external parties, including SOC/IR partners, to ensure effective closure of the incident.
- Access Control and Identity Management: define and enforce Role-Based Access Control (RBAC) policies. Oversees and manages Identity and Access Management (IAM) solutions for secure authentication and authorization.
- Vulnerability Management: identify and prioritize vulnerabilities in systems and applications. Oversee and deliver remediation efforts to address vulnerabilities promptly.
- SIEM and Detection Engineering: Use SIEM tools to monitor and analyze security events and logs, leveraging detection engineering practices (rule development, testing, and tuning) to improve visibility. Enhance threat detection and response capabilities by aligning with industry frameworks such as MITRE ATT&CK.
- Development of Security Best Practices: develop and document best practices, policies, and procedures for information security. Provide guidance and training to promote a security-aware culture.
- Monitoring of Security Configurations: audit and assess security configurations across the IT and Cloud infrastructure. Implement automated tools and processes for effective monitoring and enforcement of the appropriate level of security controls.
- Develop and oversee effective strategies to prevent repeated risks affecting the infrastructure.
- Vendor relationships: Maintain relationships with security vendors for technical issues, ensure smooth operations of security tools and services, and escalate problems or incidents to vendors when required.
Requirements
- 5+ years of relevant work experience in cybersecurity, with strong exposure to incident response, SOC operations, or IR consulting.
- Solid experience with cloud platforms (AWS preferred; Azure/GCP a plus) and familiarity with cloud security tools (e.g. CSPM, CWPP, CIEM, CNAPP).
- Proven experience with incident lifecycle management, including investigation, containment, remediation, and post-incident analysis.
- Experience with SIEM and EDR platforms, including threat hunting, log investigation, and detection engineering.
- Familiarity with automation platforms and AI-driven security tools to streamline detection, enrichment, and response.
- Strong ability to work with large volumes of security and application data, extracting and correlating events to assess impact on sensitive information (e.g. PII, credentials).
- Experience with threat intelligence feeds, platforms, and enrichment tools, and the ability to operationalize threat intel to enhance monitoring and response.
- Familiarity with identity and access management (IAM), endpoint protection, and modern security architectures.
- Experience with Infrastructure as Code (IaC) and scripting (Python, Bash, PowerShell, etc.) to develop custom workflows.
- In-depth knowledge of information security principles, best practices, and cybersecurity frameworks (MITRE ATT&CK, NIST CSF, CIS, SOC 2, ISO 27001, PCI, FedRAMP).
- Experience in hardening operating systems (Linux preferred).
- Hands-on experience with network security fundamentals and practices.
- Ability to produce clear, comprehensive, and well-structured documentation (e.g. incident reports, playbooks, procedures, and technical findings) and to communicate complex technical issues effectively to non-technical stakeholders.
Benefits
- Generous Vacation Policy, plus extra floating holidays to use for religious or cultural events that matter to you
- Employee Share Purchase Plan
- Career progression/internal mobility opportunities
- Four employee resource groups to get involved with (the Docebo Women's Alliance, PRIDE, BIDOC, and Green Ambassadors)
- WeWork partnership and “Work from Anywhere” program
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Web and Remote Access Security Engineer managing secure remote connectivity solutions. Collaborating across security and networking domains to enable reliable access for global workforce.
Security Officer protecting patients, visitors, and staff at Shriners Hospital for Children in Sacramento. Engaging in various responsibilities related to safety and security on hospital property.
Senior IT Security Administrator supporting IT security operations at Uline. Collaborating with teams to develop security procedures and manage risks effectively.
Security Technician at Presbyterian Healthcare Services ensuring safety through patrols, incident response, and emergency preparedness. Responsibilities include monitoring risks and documenting activities efficiently.
Product Security Engineer at Junglee Games ensuring security is integrated into each stage of the software development lifecycle. Collaborate across teams and harden the security of products and platforms.
Senior Cybersecurity Documentation Specialist managing Risk Management Framework initiatives for Leidos. Supporting cybersecurity documentation and compliance activities across departments with a focus on national security.
Senior Penetration Testing Analyst collaborating with DoD and other teams on cybersecurity solutions. Conducting penetration tests and assessments to enhance security across various environments.
Security Engineer role at Contour Software focused on IT administration and security operations. Ensuring tools and systems are secure and aligned with best practices across the organization.
First Vice President driving Axos Bank's information security strategy and leading a high - performing team. Architecting solutions and leading technical initiatives within a fast - paced environment.