Cybersecurity Engineer

Cybersecurity Implementers - Infrastructure (DevSecOps Engineers), * Implement a DevSecOps approach to secure and upgrade infrastructure.

• Manage automated patch management systems within virtualized datacenters (VMware and/or Xen, Citrix).
• Ensure secure onboarding of new systems using predefined security standards.
• Protect critical infrastructures by hardening, segmenting, and safeguarding against technical threats and vulnerabilities.
• Document processes and track activities.

Technical Scope:

• Physical and virtual servers, hypervisors, operating systems (Windows, Linux, Citrix, Xen, VMware, Kubernetes).
• Cloud environments and IaaS/PaaS platforms.
• Storage, backups, virtualization platforms., * Implement, manage, and secure patch management, hardening, and compliance systems.
• OS hardening and encryption.
• Automate VM onboarding and patching.
• Provide expertise for deployment, installation, and maintenance of system software.
• Respond rapidly to critical security updates.
• Manage patching for heterogeneous IT systems.
• Document via SOPs, procedures, and audit evidence.
• Set up operational test and validation environments.
• Manage constraints related to legacy systems.
• Implement rollback and automatic remediation mechanisms.
• Define and apply security baselines for Windows and Linux systems.
• Collaborate closely with infrastructure and application development teams.

Technical Environments:

• Systems: Windows Server / Linux.
• Virtualization: VMware, Xen/Citrix, Docker, Kubernetes.
• On-premise datacenter.
• Possible tools: WSUS, SCCM, third-party patch management tools, Ansible, PowerShell, Bash, hardening and compliance tools (GPO, SCAP, STIG, CIS baselines).

• A degree from a recognized university in a relevant discipline and five years of relevant professional experience are required. Alternatively, ten years of progressive and in-depth expertise in a similar role.
• Strong practical experience in designing, developing, implementing, testing, and maintaining patch management, orchestration, configuration, and change management tools.
• Proven ability to manage emergency situations related to urgent security updates.
• Expertise in designing and architecting automated patch systems.
• Expertise in Windows and/or Linux system administration.
• Solid experience in patch management and hardening.
• Mastery of security baselines and STIG.
• Good knowledge of virtualized environments.
• Experience with legacy systems.
• Skills in automation and scripting.

Methodological Skills:

• Ability to design processes from scratch.
• Rigor, organizational skills, and prioritization.
• Strong writing and documentation skills.
• Autonomy and security-oriented analytical mindset.
• Ability to interact with business stakeholders.
• Work in a high-availability environment.

Desired Profile:

• Experienced systems engineer/administrator.
• Strong sensitivity to security and compliance issues.
• Comfortable with technical debt, upgrades, and standardization contexts.

Working Schedule:

• Full-time positions working on-premise.
• Once mutual confidence levels are established, a maximum of 2 days per week of remote working can be authorized.