Senior IT Security Engineer

📣 Would you like to join a company that puts people at the heart of its concerns? We are waiting for you! Since 2007, Extia, an engineering consulting company, has been offering a unique approach in its field by combining well-being at work and performance.

Our philosophy at Extia is “First who, then what", so let's go for it!

🚀First who?

• Analytical, problem-solver and creative, you always have a new but appropriate solution to propose
• Good communicator and collaborator, you can work easily with cross-functional teams
• You hold a continuous learning mindset to stay updated with the latest cybersecurity trends and best practices

🚀Then what?

Senior IT Security Engineer who will join our client in the utilities sector. This person will lead cybersecurity initiatives, manage projects, and collaborate with various teams to ensure robust security for the organization’s IT infrastructure.

This position requires availability to go to the office in Bucharest. The frequency of office visits will vary from week to week, depending on team and project needs.

Responsibilities:

• Manage cybersecurity projects, including planning, architecture, deployment, and maintenance, ensuring compliance with company goals and regulatory requirements.
• Develop and implement cybersecurity strategies, policies, and procedures to safeguard company systems and data.
• Manage and review the security infrastructure, including SIEM, EDR, IPS/IDS, WAF, and NGFW.
• Conduct regular security assessments, including penetration testing and vulnerability scanning, to identify weaknesses and recommend remediation actions.
• Monitor, analyze, and investigate security events and incidents, identifying potential threats, determining root causes, and developing effective response plans.
• Provide cybersecurity training and awareness programs to employees to promote best practices and a strong security culture.
• Report to the CISO and collaborate closely IT and other departments to integrate security into all stages of system development and lifecycle.

Required technical skills:

• 5+ years in system administration, with expertise in Windows and Linux.
• 3+ years in cybersecurity roles, with experience in security engineering, authentication, and applied cryptography and ability to manage cybersecurity projects, covering architecture, planning, deployment, and maintenance.
• 3+ years of experience with SIEM (QRadar), EDR (Crowdstrike), firewalls, vulnerability scanners (Qualys, Acunetix, Nessus), and encryption technologies.
• Solid understanding of network protocols, routing, and switching, with experience in Cisco, Checkpoint, Palo Alto, and Fortinet.
• Scripting skills for automation and security tasks.
• Hands-on experience with security monitoring and incident management.
• Experience with compliance standards, cloud security (AWS), Microsoft technologies (Active Directory, DNS, DHCP, GPO), web application security (HTTPS, PKI, IIS, Apache), and virtualization (VMware).

🚀 Do you recognize yourself in the "Who" and represent the "What"? Apply and let's talk!