Objective:
For this position, we are looking for a SecOps Engineer to assist one of our clients in the cosmetics and personal care industry.
The SecOps Engineer ensures that the company’s information systems are operationally secure across all geographical regions. This role is a key addition to the Infrastructure team. The engineer acts as a Level 3 technical escalation point for global security incidents. The workload is distributed as 80% Run (Cybersecurity incident management) and 20% Build (continuous improvement).
Responsibilities:
1. Security operations & maintenance (80% Run)
- L3 incident resolution: Providing Level 3 technical assistance for security incidents.
- Threat analysis: Analyzing and qualifying security threats or incidents escalated by the 24/7 external MSSP (L1/L2).
- Email security alerts: Reviewing and analysing phishing emails reported by users.
- Vulnerability management: Performing regular vulnerability assessments and driving the remediation of security weaknesses across the global estate.
- System protection: Ensuring the operational security of 7,000 endpoints, 800 on-premise servers, and Azure cloud resources.
- Global scope support: Maintaining security for a worldwide infrastructure including 1,500 stores, 40 offices, and 3 factories.
2. Security evolution (20% Build)
- Tooling optimization: Contributing to the continuous adjustment and improvement of security platforms to ensure they remain adapted to the company's needs.
- Project contribution: Supporting the deployment of new security tools for servers, endpoints, and cloud services.
Technical environment:
The role operates within a technical stack primarily focused on Microsoft and specialized security solutions:
- SIEM/SOAR: Microsoft Sentinel.
- EDR/XDR: Mainly the Microsoft Defender suite (Microsoft 365 E5 licensing).
- Vulnerability management: Dedicated vulnerability scanner.
- Other log sources / Network security: Firewalls, cloud proxy.
- Cloud infrastructure: Azure (a CNAPP is in place).
Team & organization:
- Global integration: The engineer joins a Network and Security team of 10 professionals spread worldwide, including 2 dedicated SecOps members. The direct manager is based in Europe (France). The Network and Security team is part of a wider infrastructure team of ~60 people, itself part of an IT team of ~250 people.
The mid-term objective is to operate in a "Follow the Sun" model.
- Autonomy: As the rest of the team is located on different global sites, a high level of autonomy is required.
- Collaboration: Maintaining strong functional links with other infrastructure teams (Local Support, Hosting, Workplace) is essential.