Participate in defining, implementing, and maintaining Signaturit's Information Systems Security (ISS) policy
Contribute to maintaining existing certifications and qualifications for trust services (eIDAS)
Prepare for future ISO 27001 certification (drafting procedures, implementing processes)
Process and respond to client security questionnaires, ensuring the accuracy of information
Assist the CISO in updating the ISS risk repository and analyzing vulnerabilities
Participate in risk impact analysis and propose mitigation action plans
Conduct security awareness campaigns for all staff
Disseminate best practices and act as an advisor and trainer for teams
Perform active monitoring of security threats and share relevant information
Maintain and update technical and security policy documentation
Respond autonomously or provide support to security requests and incidents reported by various teams
Participate in data center management and maintenance operations and achieve autonomy on defined procedures
Contribute to post-incident analysis and remediation efforts
Represent the ISS department to clients and auditors on topics within your scope

Engineering degree or Master’s degree in Security/Networking
5–7 years' experience in security, with initial experience as a team leader
Familiarity with SIEM platforms, vulnerability scanners, and endpoint protection solutions
Understanding of TCP/IP, firewalls, VPNs, and network segmentation
Knowledge of cryptography and HSMs (Hardware Security Modules) is a plus
Experience managing internal and external audits
Fluency in French and English is required
Knowledge of eIDAS and ISO 27001 is a plus

Senior Security Engineer – Governance, Risk

Key skills