EDR & VM EXPERT

BUCHAREST

ENGIE GBS ROMANIA

One of the world's leading energy companies, ENGIE is present across the entire energy chain, in electricity and natural gas, from upstream to downstream. By placing responsible growth at the heart of its businesses (energy, energy services and the environment), its mission is to meet major challenges: meeting energy needs, ensuring security of supply, combating climate change, and optimizing the use of resources.

GBS is part of ENGIE, partnering with the support functions for the ENGIE's Business Units and Corporate. It currently has 7 Business Support functions: purchasing, consulting, finance, real estate and logistics, legal, human Resources, information systems. By 2025, GBS is ENGIE's "transition maker" for support function excellence. Amplifying ENGIE's net zero mission, we provide a competitive edge through efficient operations, strategic resource allocation, and pioneering in culture and technology.

At ENGIE, every talent has a role to play in accelerating the energy transition. Make a difference and enjoy a fulfilling professional experience, take on exciting challenges, and shape the path that suits you. Join us and be part of the adventure of our century!

What you will do:

As EDR & VM Expert in the Global Security Operations Center (GSOC), Your role will be to provide a comprehensive support to ensure the effective operations of cybersecurity platforms. This role involves reviewing and processing tickets, managing access and assets, supporting users, proactive monitoring of cybersecurity platforms, developing new capabilities, conducting platform audits, and maintaining up-to-date the service documentation.

The support service is available 24x7, as such you will required to perform on-call duty as per the planning scheduled by the service delivery manager, you should account 1 week of on-call duty every month or 5 weeks depending on the rotation planning.

• Review & timely process tickets (incidents & service requests) created on the ITSM platform.
• Manage access by granting, editing, or removing access permissions.
• Design and/or develop automated tasks.
• Provide support to platform users, including entities and the Global Security Operations Center (GSOC).
• Create, schedule and execute vulnerability scans.
• Conduct troubleshooting and operational incident handling activities.
• Create and manage the cases with the vendors’ support service.
• Participate actively in the internal team meetings and meetings with vendors.
• Proactively monitor the platforms to ensure its effective operation.
• Escalate to the solution lead or the service delivery manager any major incidents (Priority 1).
• Contribute to the enhancements of the service (new capabilities and features).
• Support change requests and audits activities to ensure compliance and performance.
• Support the creation and maintenance of service documentation (procedures and runbooks).

Desired education, expertise, and skills: 

• Master's degree in Cybersecurity, Information Technology, or a related field.
• Minimum 6+ years of experience in cybersecurity platform’ operations.
• Proven experience in a business support or similar role.
• Strong knowledge of EDR and Vulnerability Management technologies, including CrowdStrike, Hackuity, PRISMA CWP and Tenable, and their technical capabilities.
• Strong understanding of access and asset management principles.
• Familiarity with development AWS cloud environment and operating/ maintaining related services.
• Experience in automation, including skills in Python and cloud development, is highly appreciated.
• Experience with ticketing systems and SLA management.
• Solid understanding of vulnerability and patch management principles
• Knowledge of Cloud AWS, Microsoft Azure and Office 365 environments
• Strong expertise with CrowdStrike EDR
• Strong expertise with PRISMA CWP
• Strong expertise with Hackuity platform
• Strong expertise with Tenable
• Experience in conducting incident handling and reporting activities
• Scripting capabilities to automate repetitive actions
• Experience with modern ticketing systems such as ServiceNow and ITIL-based service management frameworks to manage incidents, change requests, and other operational tasks.
• Good familiarity with Confluence for procedure management
• Cyber defense certifications (SANS, GIAC, AWS, etc…)

Benefits:

• Private health insurance for you and your family;
• Opportunities for ongoing personal and professional development;
• Meal tickets;
• Work-life balance;
• Annual extended holiday entitlement, depending on the length of employment;

Only candidates selected for interviews will be contacted.

If you decide to send us your personal information in order to apply for this position, please be aware of our job candidate GDPR Data Privacy Notice: https://www.engie.ro/wp-content/uploads/2022/09/ER_Nota-de-informare-Candidati.pdf.

ENGIE is an Equal Opportunity Employer. Our commitment is unwavering: we do not discriminate based on race, color, age, sex, religion or religious creed, national origin, marital status, gender expression, genetic information, sexual orientation, ancestry, mental or physical disability, military or veteran status, or any other characteristic protected by law.