Endpoint security ppo

Au sein du Groupe Trèfle (190 personnes), Trèfle Solution est une ESN dédiée aux métiers de l'infogérance, de la sécurité des SI et des systèmes industriels. Forte d'environ 40 collaborateurs, nous intervenons dans les différentes phases de réalisation des projets (Design, Build, Run) en mode assistance technique et en mode forfait en engagement de résultats. 3 secteurs d'activités sont adressés par Trèfle Solution : * Le conseil, * L'ingénierie et l'expertise, * Le service continu sur le site client ou externalisé (24/7)

Description du poste et Missions

Proxy-Service Owner accountability on Endpoint Security perimeter

Accountable to ensure that all aspects are in place so that the application(s) can be run within society and meet ongoing business needs ;

Manage all dependencies to make sure this happens. This includes (but not limited to) : 

• Resources to support, service contracts, documentation and software licenses needed for the RUN of the systems, SLA management… ;
• Business interaction and take into account their needs, and ensure the correct provide value throughout Services & Product ;
• Confidentiality, Availability and data Integrity of the datas & assets ;
• Continual Service Improvement and technology watch of the delivery & communication ;
• Define KPI/SLA - SMART ;
• Challenge the supplier on the technical part ;
• Obtains the internal mandatory approvals of a contract ;
• Respect the IT Delivery Process with the support of the DM ;
• Build & maintain the Service Catalog ;
• Maintain documentation of the service ;
• Support the DM and the quality of the process.

Link between the Business and the Suppliers :

• Follow the contract with DM & Procurement ;
• Define and track relevant metrics for the suppliers performance UC ;
• Continual Improvement ;
• Maintain a high-level of business satisfaction.

Endpoint Security Strategy: Develop and maintain a robust endpoint security strategy that aligns with organizational security policies and compliance requirements. This includes defining standards for endpoint protection, detection, and response.

Solution Design and Implementation: Architect and deploy endpoint security solutions across the organization, including antivirus, anti-malware, Endpoint management solution (Intune, Tanium), and endpoint detection and response (EDR) tools.

Policy and Configuration Management: Create and manage security policies and configurations for endpoint devices. Ensure policies are effectively applied to maintain security posture and compliance.

Threat Detection and Response: Monitor endpoint security tools for signs of malicious activity. Lead incident response efforts for endpoint-related security incidents, including investigation, containment, eradication, and recovery.

Security Awareness and Training: Develop and deliver training programs to educate employees on endpoint security best practices and threat awareness. Promote a culture of security across the organization.

Collaboration and Reporting: Work closely with other cybersecurity and IT teams to ensure a cohesive security strategy. Prepare and present reports on endpoint security posture, incidents, and improvement initiatives to senior management.

Profil recherché

• In-depth knowledge of endpoint security technologies (antivirus, anti-malware, EDF, Microsoft Intune, Tanium) and operating systems (Window, macOS, Linux, Android, iOS) ;
• Strong understanding of the cyber threat landscape and tactics, techniques, and procedures (TTPs) used by threat actors ;
• Excellent analytical and problem-solving skills, with the ability to manage complex security incidents ;
• Minimum of 5 years of experience in cybersecurity, with a strong focus on endpoint security architecture and engineering. In-depth knowledge of endpoint security technologies (antivirus, anti-malware, EDF, Microsoft Intune, Tanium) and operating systems (Window, macOS, Linux, Android, iOS) ;
• Outstanding communication and interpersonnal skills, capable of working collaboratively across teams and explaining complex security issues to non-technical stakeholders ;
• Experience with security information and event management (SIEM) systems and vulnerability management tools.