Local IT Security Analyst T02-T07

Permanent Regular

Job Description:

The Cybersecurity Engineer plays a key role in maintaining and strengthening the cybersecurity posture of Pluxee at the country level. While reporting locally to the IT Director, this role will work in close collaboration with the Regional IT Security Manager and global security teams. The Engineer is responsible for executing the implementation of global security tools and controls, managing day-to-day cybersecurity operations, and responding to incidents in alignment with company policies and standards.

The Cybersecurity Engineer will be responsible for deploying security solutions, supporting incident response, conducting risk assessments, and ensuring compliance with global standards and local regulatory requirements. This position combines hands-on technical expertise with a proactive, solution-driven mindset, offering a unique opportunity to work across business, IT, and regional/global security teams.

• Global Security Standards: Ensuring compliance Pluxee’s minimum security baseline

• Evolving Threat Landscape: Staying abreast of the latest cyber threats and vulnerabilities to implement proactive security measures.

• Remote Workforce: Securing and supporting a dispersed workforce while maintaining productivity and data security.

Cybersecurity Operations & Implementation

• Execute and monitor the implementation of global cybersecurity tools and controls ensuring alignment with security baselines and the local Cybersecurity Roadmap.

• Maintain endpoint protection, vulnerability scanning, patch management, and anti-malware compliance across all systems.

• Implement the Security Policy and collaborate with IT, Legal, Internal Control, and other functions to ensure proper enforcement across the organization.

• Support continuous improvement initiatives around cybersecurity automation, monitoring, and threat detection.

Security Awareness & Policy Enablement

• Raise user awareness around cyber threats (e.g., phishing, ransomware, data leakage) and promote secure behaviors across the organization.

• Contribute to the design and execution of security training sessions and phishing simulations.

• Relay Group-level information security communications, policies, and advisories to local teams, ensuring timely acknowledgment and action.

Security Incident Handling

• Serve as the first responder for local cybersecurity alerts and incidents, following Group Security directives and escalation paths.

• Coordinate triage, containment, and remediation efforts in collaboration with the Security Operations Center (SOC) and Regional Security teams.

• Lead local investigations and root cause analysis; develop and track mitigation plans post-incident.

• Escalate and report incidents that may impact business continuity or data protection.

Security in Projects & Change Management

• Support integration of cybersecurity and data protection requirements in local and regional IT projects.

• Perform security risk assessments, evaluate threats and potential impacts, and recommend mitigation controls during project design and delivery.

• Review suppliers and contracts to ensure alignment with Group security requirements and provide technical inputs as needed.

Audit Support & Compliance

• Assist in internal and external audits, including gathering technical evidence to demonstrate compliance with information security standards

• Respond to client and partner inquiries related to information security policies and practices.

• Maintain accurate documentation and contribute to regular reporting on key security KPIs, compliance posture, and operational metrics.