Your future duties & challenges
Bouygues Construction Information Technologies (BYCN IT) is the IT branch of Bouygues Construction, a global player in the building, civil works, energies and services sectors. Bouygues Construction operates at all points of the value chain of projects: finance, design, construction and facilities management (operation and maintenance). On every continent, our employees devise and develop solutions that help improve the environment and everybody's lives.
As part of Bouygues Construction, the mission of BYCN IT is to provide the members of Bouygues Construction with IT services of high quality fitting with their businesses and to deploy solutions to improve communication and people collaboration through worldwide network. BYCN IT has offices in France, Morocco and Vietnam.
We are looking forward to cooperating with talented and motivated people.
- Lead several technical and operational security assessments in different environment inside Bouygues' Information System.
- Advise remediations to operational teams for found vulnerabilities and raise security awareness among them in order to reduce the IS security risks.
- Looking for unknown weaknesses and investigating on less known parts of the IS will sometimes be realized with the Blue Team for them to gain better vision.
- Lead OSINT projects to find public vulnerabilities in Bouygues' IS.
So why not you?
- Language Skills
- Fluent in English
- French is a big plus
- Profile requirements:
- Bachelor graduated in Network Engineering
- 3 or 5 years experience in cybersecurity
- Development knowledge with the OS (Python, bash, PowerShell),
- Security knowledge on Web, OS, infra, Mobile applications and network,
- Knowledge of different security tools, their pros and their cons.
- Autonomous on the projects you lead
- Capable to communicate about advances and troubles on projects and audits
- The knowledge of audit methodologies is a plus.
- CyberSecurity skills:
- You prefer to be a Web Security Tester /RED Team player or having experience as BLUE Team member (want to change career path)
- Strong knownledge about basic Security Concepts
- Good to have CEH/GWAPT/CompTIA Security+ or similar,
- Understand vulnerabilities assessment report, the context and hypothesis of their exploitation for better security risk assessment. Be able to advise on vulnerability remediation or mitigation
- Define and lead the operational tests and regular checks, automate and industrialize scanning processes
- Technical watch: stay up to date on new vulnerabilities, new attacks ways, new attack vectors and patching state.
- Be able to identify the risk for the business or familiar with Common Vulnerability Scoring System (CVSS)
- Be able to lead OSINT projects and crawl the web to find public vulnerabilities on Bouygues' IS
- Familiar with any Security Standard like OWASP/CIS/NIST/MITRE…
- Experience with security tool:
+ Scanning tool
+ Audit tool
+ Assessment tool
+ Request/response capture tool (Web app testing)
- General Skills
- Rigorous, concerned for the quality
- Methodical/ Organized/ Open minded
- Analyzing needs and constrains
- Good resolving problem and writing skills
- Team and collaborative spirit
- Good interpersonal skill
- Customer service orientation
+ Strong aptitude for understanding the user process,
+ Helping to structure the request
+ Assisting/advising team service
- Salary Range: Competitive
- Compulsory Insurance and additional medical insurance (Vietnam Care)
- International, friendly and people-oriented environment
- Team building events and company trip every year
- Sport club, personal activities sponsor
- Possibility to work from home (WFH)
- Career opportunities in the one of biggest group in the world
- Training and continuous investment into your professional development.
In addition, you’ll benefit from:
Innovative training possibilities based on progressive logic
An attractive mobility policy
A dynamic salary
The Group’s employee savings scheme
Additional benefits: Top-up health insurance, retirement plan, peer support committee, housing scheme, etc.
These items apply fully or partially depending on the type of contract and your location.