Infrastructure Security

Job Summary :

The Infrastructure Security Analyst is responsible for ensuring the security and integrity of the Saint-Gobain local infrastructure. This role involves analyzing, implementing, and maintaining security measures across networks, applications, and systems, while supporting cybersecurity initiatives and compliance efforts. The analyst will collaborate with cross-functional teams to integrate security into projects, manage suppliers, and contribute to incident response and disaster recovery planning.

Key Responsibilities:

Infrastructure & Network Security

Monitor and assess vulnerabilities across infrastructure components.

Ensure proper configuration and operation of firewalls, SIEM, EDR, AD, and MDM systems.

Maintain secure network protocols and device configurations.

Application Security

Implement encryption, access control, and vulnerability management practices.

Project Integration & Supplier Management

Integrate cybersecurity requirements into project lifecycles.

Apply ISO27001 standards in supplier evaluations and risk assessments.

Security Reporting & Awareness Communication

Support the preparation of monthly security reports and dashboards

Lead or contribute to monthly cybersecurity talks.

Collaborate with local IT teams to follow up on security indicators.

Incident Management & Response

Support identification and analysis of malware, trojans, worms, and other threats.

Assist in ITIL-based incident handling and escalation procedures.

Compliance & Process Development

Draft and maintain security procedures and documentation.

Develop scripts to automate compliance checks and reporting.

Awareness & Training

Lead phishing awareness campaigns and cybersecurity communications.

Support local IT teams in promoting security best practices.

Continuity & Disaster Recovery

Assist senior analysts in Business Impact Analysis (BIA).

Participate in disaster recovery testing and planning.

Industrial Systems Security

Learn and support security practices for industrial control systems.

Required Skills & Qualifications:

Hard Skills :

Mandatory: Network fundamentals, application security, project integration, supplier management, compliance (ISO27001), scripting, and procedure writing.

Nice to Have: Infrastructure security tools (SIEM, EDR, AD), incident management, ITIL, creative problem-solving.

Willing to Learn: Industrial systems security, awareness campaigns, disaster recovery planning.

Soft Skills

Strong team spirit and collaboration.

Clear and effective communication.

Supportive mindset and proactive attitude.

Creative and analytical thinking.

work in a multicultural environment

Preferred Certifications (Optional):

ISO27001 Foundation or Lead Implementer

CompTIA Security+, CISSP, or equivalent

ITIL Foundation