Senior Security Engineer

Company Description

Re:Sources is the backbone of Publicis Groupe, the world's third largest communications group. Formed in 1998 as a small team to service a few Publicis Groupe firms, Re:Sources has grown to more than 4,000 people serving a global network of prestigious advertising, public relations, media, health and marketing agencies. digital. We offer technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury and risk management to help Publicis Groupe agencies do what they do best: create and innovate for their clients. . In addition to providing essential, everyday services to our agencies, Re:Sources develops and deploys platforms, applications, and tools to improve productivity, foster collaboration, and enable professional and personal development. We continually transform to keep pace with our ever-changing communications industry and thrive in a spirit of innovation that is felt around the world. With our support, Publicis Groupe agencies continue to create and deliver award-winning campaigns for their clients.

Job Description

Objective:

To be responsible for orchestrating Publicis Groupe-wide security engineering operations and functions. The role must be able to translate the IT-risk requirements and constraints of the agencies into technical control requirements and specifications. Maintain and analyze web application firewall data and cloud security platforms.

Responsibilities:

• On call rotation
• Diagram high level infrastructure reference architecture and controls for engineering, operations, and management reference
• Provide technical expertise to the risk management team to assess technical risk
• Identify opportunities for process improvement to meet and exceed customer service expectations and improve overall risk posture
• Utilize Threat Intelligence and Threat Models to create threat hypotheses
• Prepare project documentation (guides, configuration documents, etc.)
• Firewall rule analysis and firewall request approvals
• Lead and provide clear guidance to multiple teams, ensuring results are aligned with business objectives and within planned timelines
• Broad technical background with a knowledge-base in network security, and web applications
• Establish relationships with various security technology and service vendors

Qualifications

• Good working knowledge of various security technologies such as network and application firewalls, CNAPP and SSPM, and XDR systems
• Expertise in network, host, and cloud-based analysis and investigation
• Analyze and correlate threat assessment data
• Tuning WAF, CNAPP, SSPM
• Analyze network/security logs, root cause analysis
• Prior experience with ThreatX Web Application Firewall
• Prior experience with Wiz CNAPP
• Prior experience with Adaptive shield SSPM
• Extensive knowledge and experience working with a data centric environment, traditional datacenters and virtualized environments
• System integration, administration, documentation, change control
• Gather evidence for audits pertaining to security tools
• API Automation to increase operational excellence and to enhance value from security tools
• Experience with Python, Bash, Powershell scripting, and Lambda
• Advanced English
• IT Bachelor’s degree
• Preferred certified in at least one or more of the following certifications: CISSP, CISA, CISM, GCIH, GPEN, or other accredited security credentials