Security Incident Response Engineer
Solvay is a science company whose technologies bring benefits to many aspects of daily life. Our purpose—we bond people, ideas and elements to reinvent progress—is a call to go beyond, to reinvent future forms of progress and create sustainable shared value for all through the power of science. In a world facing an ever-growing population and quest for resources, we aim to be the driving force triggering the next breakthroughs to enable humanity to advance while protecting the planet we all share.
We bond with customers and partners to address today and tomorrow’s megatrends. As a global leader in Materials, Chemicals and Solutions, Solvay brings advancements in planes, cars, batteries, smart and medical devices, water and air treatment, to solve critical industrial, social and environmental challenges. You can count on our innovative solutions to contribute to safer, cleaner and more sustainable future.
As a Security Incident Response Engineer at Solvay, you will be the entry point of our SOC (Security Operation Center) and VOC (Vulnerability Operation Center) teams to provide the appropriate actions in order to correct in a timely manner, security incidents.
In your role you will be responsible to build and follow up actions that will be required to answer any of these incidents or possible vulnerabilities. You will have to connect with various stakeholders outside of your team to explain, support and make sure that remediation actions are delivered. The actors could be applications owners,Hosting teams, network teams and workstation teams.
Being a key role in our organization you will have to:
- Respond to security vulnerabilities, weaknesses, and incidents reported by our SOC and VOC
- Performing on-demand vulnerability scanning and compliance monitoring to ensure security standards are met
- Proactively work with different stakeholders to ensure basic security mitigations are implemented like patch management and OS, application and firmware lifecycle management.
- Approve exception requests from DT, when delegated such authority from GS, to support vulnerabilities that can not be remediated
- Support keystakholders in development of exception requests when GS is required to approve them
- Provide Kpis to Digital technology and group Security leadership teams in order to accurately display the health of our systems.
- Record any deviation and received support in order to evaluate them or make them corrected
- Act as a service owner of the incident and vulnerability response plan by:
- Monitoring them closely
- KPIs management
- Escalation when needed
- Manage the technical debt and propose remediation actions
- Work with the architecture and operation Security teams in order to ensure the proper resolution of incidents
- Answer to internal and external audit
Key Stakeholder Interactions
- Collaborates closely with the Identity and authorisation, Application Owners, Hosting teams, workstation and network teams, VOC and SOC teams
Education and experience:
- Master’s degree in a relevant course of studies
Skills and behavioral competencies:
- ITIL and service oriented mindset will be key
- Have 5-10 years of security experience working with standard IT technologies and with a clear understanding of end to end architecture from Network to application
- Impact and influence
- Understand baseline security requirements and platform hardening principles.
- Experience with threat modeling and risk assessments and incident response.
- Have a good analytical mindset for problem solving under stress and time pressure.
- Result orientation, influence & impact
- Empowerment & accountability
- Team spirit, building relationships, collective accountability
- Strong leadership capability, executing as appropriate in the areas of responsibility
- Excellent oral and written communication skills, including the ability to explain technology solutions in business terms, establish rapport and persuade others
You will get:
- ”The U.S. base salary range reasonably expected to be paid for this position is $101k to $126k. Since actual compensation packages are based on a variety of factors unique to each candidate we may ultimately pay more or less than the posted base salary range. Total compensation for this role also includes bonus and/or other incentives.” (Only for US cadre market - link to more info available for Senior Team only)
- Health insurance
- Life insurance
- 16 weeks of maternity/paternity and co-parenting leave
- Training platform for all employees
- Free language courses (24 languages available)
- Solvay Shares Plan
- Free well-being sessions (physical and psychological)
Location(s): Portugal - Lisbon (Portugal - Lisbon) (Primary), Belgium - Brussels (Belgium - Brussels), China - Shanghai (China - Shanghai), France - Aubervilliers (France - Aubervilliers), France - Lyon (France - Lyon), USA - Princeton, NJ (USA - Princeton, NJ), Italy - Bollate (Italy - Bollate)
If you’d like to find out more about what happens next with your application or get some tips on how to complete it.