Asenium

About the Company

Our team offer:
Reactivity
Our knowledge, network and experience allow us to allocate qualified resources within 24-48 hours.

Global market
Thanks to office locations in Paris, Geneva, Sao Paulo, New York, and Singapore we cover your needs worldwide.

Expertise
Since 2005, Asenium works hand in hand with its customers for their needs of expertise throughout each phase of their transformation programs.

Listed Jobs

Company Name

Asenium

Job Title

Expert Sécurité - Infrastructures / Systèmes

Job Description

**Job Title** Security Expert – Infrastructure / Systems **Role Summary** Lead security initiatives for critical business applications and infrastructure. Implement remediation from audits, formalize PCI/PRI for Crown Jewels, harden servers in virtualized and hybrid cloud environments, manage legacy asset roadmap, and contribute to the inventory of critical applications and platforms. **Expectations** - Minimum 5 years in a comparable security or systems role. - Fluent in English (verbal and written). - Autonomous, rigorous, analytical, and able to collaborate across international teams. - Strong communication, documentation, reporting, and compliance skills. **Key Responsibilities** - Execute remediation actions identified in audits of critical business applications. - Define and document PCI/PRI for Crown Jewels and conduct restoration tests. - Deploy server hardening guides for critical scopes (Crown Jewels) in VMware, Nutanix, Hyper‑V, and on‑prem environments. - Identify and document obsolete assets; coordinate with the Group IT Group to develop and implement a deprecation roadmap. - Contribute to the formalization of inventories for critical applications and infrastructure. - Maintain up‑to‑date security documentation, incident reports, and compliance evidence. **Required Skills** - Virtualization: Nutanix (incl. NC2), VMware (incl. AVS), Hyper‑V. - Backup & DR: Rubrik, Veeam, Rubrik AppFlows. - Operating Systems: Windows (advanced), Linux (SUSE/RHEL). - Storage: HCI (AOS, vSAN), SAN. - Security hardening, PCI/PRI, and restoration testing. - Documentation, reporting, and regulatory compliance. - Proactive problem‑solving, teamwork, and communication. **Required Education & Certifications** - Bachelor’s degree in Computer Science, Information Security, or related field (preferred). - Relevant certifications in virtualization, backup, or security (e.g., VCP, VCC, VEEAM-CMT, RHCE, or CISSP) are a plus.

Île-de-france, France

Hybrid

Mid level

19-12-2025

Company Name

Asenium

Job Title

Senior AD / Windows Security Engineer

Job Description

**Job Title:** Senior AD / Windows Security Engineer **Role Summary:** Lead the design, implementation, and continuous improvement of Active Directory (AD) and Windows security controls. Drive hardening, backup, monitoring, and remediation initiatives, collaborating with cross‑functional teams and supporting SOC operations. **Expectations:** - Minimum 5 years of experience in AD/Windows security engineering or a similar role. - Proven ability to work autonomously, analyze complex environments, and produce clear documentation. - Strong communication skills in English (professional level) and ability to work in an international team. - Proactive problem‑solver with a focus on compliance and KPI development. **Key Responsibilities:** - Formalize and review Disaster Recovery Plan (DRP) and AD backup strategy. - Assist in deploying Privileged Access Workstations (PAW). - Execute identified AD hardening measures and remediate attack paths. - Identify and correct insecure AD delegation relationships. - Implement AD monitoring and alerting integration with SIEM/SOAR platforms. - Develop action plans for network segmentation (flow matrices, etc.). - Remediate high‑privilege service accounts and improve RBAC matrices. - Lead privileged account management, maintain and evolve access matrices. - Diagnose AD issues, enhance surveillance, and support security incident remediation from SOC. - Define and improve security KPIs; track remediation plans from the Information Security department. **Required Skills:** - Active Directory – expert level. - Windows Server – expert level. - AD Certificate Services (ADCS) – intermediate. - Entra ID / Microsoft 365 – intermediate. - Azure Virtual Desktop (AVD) / Intune – intermediate. - Scripting (PowerShell) and Group Policy Objects – intermediate. - Experience with backup/BCP/DR solutions. - Knowledge of Qualys (optional). - Strong documentation, reporting, and compliance skills. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). - Relevant certifications preferred (e.g., Microsoft Certified: Security, Compliance, and Identity Fundamentals; Microsoft Certified: Azure Administrator; Certified Information Systems Security Professional (CISSP)).

Île-de-france, France

Hybrid

Senior

19-12-2025

Company Name

Asenium

Job Title

Expert GRC

Job Description

**Job Title:** Expert GRC – Cybersecurity Governance, Risk & Compliance **Role Summary:** Lead the governance, risk management, and compliance (GRC) functions for the organization’s cybersecurity program. Partner with the Cybersecurity Director, GRC Team Leader, and cross‑functional teams to ensure the information system (IS) aligns with regulatory requirements, industry standards, and the group’s risk appetite. Drive maturity, audit readiness, and continuous improvement across the enterprise. **Expectations:** - Demonstrate rigorous analytical and synthesis abilities. - Communicate complex security concepts clearly to technical and non‑technical audiences. - Manage multiple projects simultaneously while meeting deadlines. - Proactively anticipate needs, drive initiatives, and support business units. - Operate autonomously, yet collaborate effectively across departments. **Key Responsibilities:** - Monitor and advance the cyber‑maturity of all group entities. - Ensure IS compliance with current legislation (e.g., NIS2) and standards (ISO 27001/27002). - Conduct cyber risk mapping, assessment, and treatment using EBIOS RM methodology. - Qualify asset criticality and maintain an up‑to‑date asset inventory. - Evaluate and manage third‑party security performance. - Define, plan, and track security audit programs; coordinate audit activities. - Participate in the group’s Information Security Program (ISP) processes. - Contribute to the development and maintenance of group security reference frameworks. - Perform continuous cyber and regulatory threat monitoring. - Lead innovation and continuous improvement initiatives within GRC. - Facilitate workshops, risk interviews, and training sessions for stakeholders. **Required Skills:** - **Risk Management:** Proven experience with cyber risk frameworks (EBIOS RM). - **Compliance & Standards:** Strong knowledge of NIS2, ISO 27001/27002, and related security regulations. - **GRC Tools:** Familiarity with GRC platforms; experience with TENACY is a plus. - **Technical Understanding:** General grasp of IT/OT architectures and core security controls. - **Communication:** Excellent written and verbal English; ability to simplify technical content. - **Analysis & Solution Design:** Ability to assess security posture, identify gaps, and propose remediation. - **Organizational Skills:** Strong project management, multitasking, and attention to detail. - **Interpersonal Qualities:** Proactive, dynamic, collaborative, capable of leading workshops and influencing stakeholders. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related discipline. - Preferred certifications: ISO 27001 Lead Implementer/Lead Auditor, CISM, CISSP, or equivalent. - Proven professional experience in GRC, cyber risk management, and compliance within a corporate environment.

Île-de-france, France

Hybrid

19-12-2025

Company Name

Asenium

Job Title

Security Awareness & Training Specialist

Job Description

**Job Title:** Security Awareness & Training Specialist **Role Summary:** Lead the design, delivery, and continuous improvement of the organization’s cybersecurity awareness and training program. Report functionally to the GRC Team Leader and work closely with the Cybersecurity Director and GRC leadership to strengthen security culture, reduce human‑related risk, and support compliance across all business units. **Expectations:** - Develop and execute a comprehensive awareness strategy aligned with GRC objectives. - Conduct engaging workshops, webinars, and communication campaigns in English (and French if needed). - Measure program effectiveness through key metrics and drive iterative improvements. - Foster an active internal cybersecurity community. **Key Responsibilities:** - Create, launch, and manage ongoing phishing, smishing, and social‑engineering simulation campaigns. - Produce diverse learning content (presentations, infographics, short videos) using tools such as Canva, PowerPoint, CapCut, Storyline/Articulate. - Analyze training data (click‑through rates, completion rates, risk segmentation) to identify high‑risk groups and tailor interventions. - Maintain and nurture a corporate cybersecurity community of practice. - Collaborate with IT, HR, and business units to embed security best practices (password hygiene, MFA, secure collaboration tools). - Track and report awareness KPIs to senior leadership; recommend enhancements. - Support risk assessments using the EBIOS RM methodology and, where applicable, operate GRC platforms (e.g., TENACY). **Required Skills:** - Strong knowledge of common cyber threats: phishing, smishing, ransomware, shadow IT, etc. - Solid understanding of security best practices (password management, MFA, digital hygiene). - Excellent written and verbal communication; ability to simplify complex concepts. - Proven content‑creation skills (Canva, advanced PowerPoint, basic video editing). - Data‑analysis capability for training metrics and risk segmentation. - Experience with cyber risk management (EBIOS RM) and familiarity with GRC tools (TENACY a plus). - High level of organization, autonomy, and ability to manage multiple initiatives simultaneously. - Team‑player with strong stakeholder‑engagement skills. - Proficient in English (both written and spoken); French advantageous. **Required Education & Certifications:** - Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field (or equivalent professional experience). - Relevant certifications are a plus (e.g., CISSP, CISM, CIPP, CompTIA Security+, Certified Information Privacy Professional). - Additional training‑design certifications (e.g., ATD, Learning Experience Designer) considered advantageous.

Île-de-france, France

Hybrid

19-12-2025