About the team

The Security Team, part of the General Secretary, consists of 5 people specialised either in Security Operations or in Governance, Risk, and Compliance (GRC) led by the Chief Information Security Officer (CISO). Their primary missions include conducting risk assessments, implementing relevant cybersecurity measures, and controlling their effectiveness in order to detect and block security threats and ensure compliance with industry regulations.

We are looking for a highly skilled Security Operations Engineer with a strong background in Identity and Access Management (IAM) and Security Operations. The ideal candidate will join a cross-functional team of 5 people and work with all Alma’s business lines, mainly with the Product and Engineering teams (to improve the security of our product and infrastructure), but also with the IT, Legal, Compliance, and Workspace teams.

About the mission

Working as a Security Operations Engineer - IAM, your key responsibilities are:

• Identity and Access Management (IAM): design, implement, and manage IAM systems to ensure secure and efficient user access
• Zero Trust Security: with the support of the Platform team, develop and maintain Zero Trust security architecture and frameworks to ensure sensitive assets are available only from authorised users in a secure context
• Endpoint Security: in alignment with Engineering & IT teams, implement and manage endpoint security solutions to protect against malware and other threats
• Incidents: together with the Security team, monitor security alerts and incidents, conducting triage, and coordinating response efforts to protect the organisation from threats
• Providing expertise and guidance on Identity and Access security best practices to cross-functional teams, and with the support of other team members for all types of security best practices
• Staying up-to-date with the latest cybersecurity threats, trends, and best practices

About you

You will be a good fit for the role if (mandatory qualifications):

• Education background: you hold a Bachelor or Master's degree in Information Security, Computer Science, or a related field
• Experience: you have a minimum of 4-5 years of relevant experiences in Information Security Operations background (internships & apprenticeships excluded) with proven experience in managing security incidents and responses
• Language: you're fluent in French and have a full professional proficiency in English
• You have excellent communication skills

Mandatory technical experiences:

• Proficiency in IAM technologies and standards (e.g., SAML, OAuth, OpenID Connect)
• Experience with Single Sign-On (SSO) and Multi-Factor Authentication (MFA) solutions
• Experience with network segmentation, access control technologies, and Security Service Edge tools
• Knowledge of Windows, MacOs and Linux operating systems hardening
• Proficiency in shell scripting and automation tools
• Experience with incident response and forensic analysis

A previous experience in the Tech / Payment industry will make you stand out of the crowd!

And the necessary soft skills that help you succeed in your function?

• Interpersonal skills: you know how to navigate in an organisation and federate stakeholders to move your projects forward
• Teaching and popularisation skills: you will have to explain strategic issues to technical people, and technical issues to non-technical people
• Impact-driven: you know how to prioritise your tasks, define key results to achieve, and focus on what matters most
• Doer mindset: you are not afraid of taking responsibility and getting your hands dirty
• Problem-solving & creative: you know how to breakdown challenges into smaller issues and make your way by proactively suggesting workarounds

About the recruitment process

• Phone interview with Recruiter (30 mins)
• Remote Interview with Hiring Manager (45 mins)
• Remote live technical test (60 mins)
• Remote Final interview with the General Secretary (30 mins), following by a Remote Team Fit interview (30 mins)

#LI-Hybrid