About US (GEMS):

ENGIE Global Energy Management & Sales (GEMS) provides energy supply solutions and risk management services to support its clients through their decarbonization journey, while optimizing ENGIE’s assets and contributing to value creation.

ENGIE is a global reference in low-carbon energy and services with a leading energy management business, piloted by its entity "Global Energy Management & Sales" who built its savoir-faire managing the Group’s large and diverse asset portfolio over 20+ years.

3,600 employees around the world develop our solutions, through +20 international business platforms. We cover the full energy mix: renewable and thermal power, natural gas & LNG, biomass, environmental products. Our experts provide tailor made solutions based on a wide range of savoir-faire in energy management with a strong focus on decarbonation and decentralization.

Our 190,000 clients span the entire value chain: producers, asset developers, financial players, utilities, distributors and industrials. Our global reach and strong local presence enable us to offer these diverse clients tailor-made services and respond to rapid changes in mature or emerging markets alike.

Our 4 expertises:

• Asset management

• Energy transition services

• Energy supply & global commodities

• Risk management & market access

At GEMS we encourage breakthrough results, team spirit, curiosity and innovation while preserving the right work/life balance for you.

More info on GEMS Hub (https://gems.engie.com) or LinkedIn (https://www.linkedin.com/company/engie-global-energy-management-solutions).

Context:

The cybersecurity team in GEMS is made of 5 people, overseeing the operational cybersecurity activities for GEMS business and IT teams. The team is reporting to GEMS Chief Information Security Officer and is mandated to:

• process security incidents,
• implement security measures and workarounds,
• conduct penetration testing (pentests) on the assets of the information system to identify potential vulnerabilities and improve security,
• manage bug bounty programs on assets exposed over the Internet
• act as cybersecurity advisory to IT teams in terms of best practices and architecture,
• steers IT teams to keep up with the expected level of security baseline and compliance
• executes cybersecurity projects such as Privileged Access Management, Secret scanning, Vulnerability management tooling deployment
• manages and executes Identity & Access Governance process

Role:

The missions of the position will be:

• follow cybersecurity incidents until resolution or containment
• follow cybersecurity vulnerabilities until remediation is confirmed
• liaise with Risk Management team to introduce new risk acceptance or derogation requests
• liaise with cybersecurity ethical hunters and internal IT teams to assess and follow vulnerabilities reports
• cybersecurity compliance watch on Cloud Security Posture Management
• engage with IT teams on security architecture analysis

Hard skills:

• Must have:
  • Network protocols and network security (firewalls, proxies)
  • Security architecture principles
  • Basics of cryptology and public key infrastructure
  • Basics of scripting and coding
  • Knowledge of common attack vectors and techniques
  • Basics of operating systems administration
• Good to have:
  • OWASP
  • CVSS methodology
  • Defensive cybersecurity techniques
  • Knowledge and manipulation of security tools like Antivirus, EDR, XDR
  • Logs monitoring

Soft skills:

• Must have:
  • analytical and problem-solving abilities
  • communication and teamwork skills
• Good to have:
  • keeping up with emerging developments in cybersecurity
  • ability to think from an attacker's point of view

Education and professional background:

• Bachelor or equivalent from a Cybersecurity academic school
• Enterprise discovery internship is not mandatory but good to have

Languages:

• French & English professional proficiency

If you meet these requirements, then you are the talent we are looking for. Do not waste time! 

Apply by attaching your updated CV, regardless your gender.

ENGIE Global Energy Management & Sales is committed to create a gender-neutral environment that unlocks the potential of everyone and provides equal employment opportunities for all individuals. 

All our positions are open to people with disabilities, please let your recruiter know if you need reasonable accommodations to be able to participate in the recruitment process, they will be happy to assist you. 

About ENGIE:

Our group is a global reference in low-carbon energy and services. Our purpose (“raison d’être”) is to act to accelerate the transition towards a carbon-neutral world, through reduced energy consumption and more environmentally-friendly solutions, reconciling economic performance with a positive impact on people and the planet. We rely on our key businesses (gas, power, renewable energy, services) to offer competitive solutions to our customers. With our 96,000 employees, our customers, partners and stakeholders, we are a community of Imaginative Builders, committed every day to more harmonious progress.