Localisation :
LocalisationPorto, PortugalContrat :
Type de contratCDIDescription
- mc2i est un cabinet de conseil indépendant qui accompagne ses clients grands comptes dans leurs projets de transformation numérique.
- Depuis plus de 35 ans, nousintervenons dans des secteurs et domaines variés: Ressources Humaines, Énergies & Utilities, Transport, Banque, Finance & Assurances, Retail & Luxe, Médias & Télécoms, Marketing et Expérience client, Services publics, Cybersécurité, Data/IA, Infra, UX/UI Design, Management et organisation.
- Nous sommesreconnus pour notre approche entrepreneuriale, notre esprit d’innovation et notre engagement pour un numérique plus responsable.
- Avec plus de 1600 collaborateurs, mc2i a su conserver une ambiance conviviale et une proximité avec ses salariés.
Depuis plus de 20 ans, nous affichons une croissance à deux chiffres, ce qui témoigne de l’excellence de nos prestations. Pour continuer sur cette lancée, nous recherchons de nouveaux talents, recrutés exclusivement sur profil, qui viendront façonner l’avenir à nos côtés .
Description du poste :
--------------------------
Within the Cybersecurity Department of a major Luxury Group, the Security Integration in Projects (ISP) team ensures that security requirements are proactively and effectively embedded across all IT projects within the Group.
The ISP acts as a key player in the cybersecurity framework in order to:
- Reduce exposure to cyber risks
- Ensure regulatory compliance
- Enforce internal security standards
- Promote a strong Security by Design culture
The objective of this mission is to act as a Risk Assessor within the ISP team, contributing to all activities within the scope, in close collaboration with project teams, business stakeholders, cybersecurity teams, and design functions (architecture, privacy).
Main Activities:
- Security integration from project initiation: participation in Kick-Off Meetings, project criticality assessment, identification of security stakes, and triggering of required analyses.
- Risk analysis and treatment: execution of Business Impact Analysis (BIA) and CATIS, identification of threat scenarios, risk evaluation (custom methodology aligned with ISO 27005 & EBIOS RM), definition and follow-up of mitigation measures.
- Pentest coordination and follow-up: planning and coordination with external providers, analysis of test reports, and monitoring of vulnerability remediation.
- Validation of new applications/tools: risk assessment, compliance verification against internal standards, definition of compensating controls where needed, and issuance of formal security opinions.
- Technical architecture challenge: security review of proposed architectures (network segmentation, IAM, encryption, APIs, logging, interconnections) and formulation of recommendations prior to production go-live.
Votre profil :
------------------
Confirmed to Senior Profile (minimum 4 years of experience) with strong expertise in cybersecurity and risk assessment activities.
Technical skills:
- Strong knowledge of Information Security principles
- Risk analysis expertise (ISO 27005 / EBIOS RM aligned)
- Blueteam and security control expertise
- Architecture security (on-premise and cloud environments)
- Application security
- Network and Infrastructure security
- Vulnerability management
- Understanding of modern IT environments
- Expertise in AI, Cloud security, payment systems security would be highly appreciated
- Project environments include: AS400, Headless architectures, SAP, data platforms, new retail points of sale, Cloud AWS, Azure, GCP, Alibaba, Salesforce
- Certifications could be an advantage : CCSP, ISO27001, CISA, CRISC, CEH, CISSP, CCNA Cisco,...
- Facultative : Redteam culture or experiences
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Proin nibh augue, suscipit a, scelerisque sed, lacinia in, mi. Cras vel lorem. Etiam pellentesque aliquet tellus. Phasellus pharetra nulla ac diam. Quisque semper justo at risus. Donec venenatis, turpis vel hendrerit interdum, dui ligula ultricies purus, sed posuere libero dui id orci. Nam congue, pede vitae dapibus aliquet, elit magna vulputate arcu, vel tempus metus leo non est.
Etiam sit amet lectus quis est congue mollis. Phasellus congue lacus eget neque. Phasellus ornare, ante vitae consectetuer consequat, purus sapien ultricies dolor, et mollis pede metus eget nisi. Praesent sodales velit quis quam. Curabitur vel justo id mauris egestas congue. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Mauris ut elit. Integer ac mi. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.
Sed id ligula quis est convallis tempor. Curabitur lacinia pulvinar nibh. Nam a sapien. Quisque placerat. Ut venenatis, miky nisl sit amet porta feugiat, ante magna molestie nisl, id fringilla neque ante at elit. Mauris ut elit. Integer ac mi. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Sed id ligula quis est convallis tempor. Curabitur lacinia pulvinar nibh. Nam a sapien. Quisque placerat. Ut venenatis, nisl sit amet porta feugiat, ante magna molestie nisl, id fringilla neque ante at elit.
Fusce ornare, ante vitae consectetuer consequat, purus sapien ultricies dolor, et mollis pede metus eget nisi. Praesent sodales velit quis quam. Curabitur vel justo id mauris egestas congue. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Mauris ut elit. Integer ac mi. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Sed id ligula quis est convallis tempor. Curabitur lacinia pulvinar nibh. Nam a sapien.
