Senior Security Engineer

**What do we do ?**: Born in 2021 from the desire to make cities less polluted and quieter, Electra is helping to shift usage towards electric mobility by tackling the main barrier: charging. **Electra is constantly innovating to make electric vehicle charging easier**, with a network of fast charging stations (20 minutes on average) and a maximally simplified user experience. Based in Paris, Lyon, Bordeau, Nantes, Brussels, Madrid, Zurich, Vienna, Munich, Milan and Amsterdam, **Electra's teams aim to deploy a network of 15,000 fast charging points by 2030**, proud to contribute to the energy transition in Europe. In 4 years, we have: - Deployed +500 stations and over 2000 fast-charging points - Secured thousands of stations to establish Electra as a leader in the European market - Opened several offices in France and Europe - Raised over €1bn million in equity and debt financing from renowned investors and institutions - Joined the French Tech Next 40 and won the European Scale-up of the Year 2024 award - Assembled a team of over 260 talentsand this is just the beginning **Your Mission**: **At Electra, cybersecurity is a cornerstone of our mission.** We are building a critical piece of infrastructure that thousands will rely on for their mobility needs. Ensuring the security and integrity of our systems and data is essential to maintaining the trust of our users and the reliability of our services. As **Senior Security Engineer**, you are member of the Information Security Department and will play a **central role** in **shaping our security foundations**, working alongside passionate engineers in a high-impact, fast-paced environment. Your primary responsibility will be **building our first monitoring and detection infrastructure** **from scratch**. You will also **drive complex security** hardening and risk mitigation **initiatives across cloud and operational technology** environments. **‍️ Your Responsibilities**: - Lead and coordinate efforts for designing and implementing the **foundational layer of monitoring and detection capabilities**, ensuring strategic coherence, technical quality, and timely delivery. - Develop, **deploy**, and maintain security tools, technologies, and **infrastructure** that support our monitoring and detection capabilities. - Identify gaps in detection coverage and continuously improve our ability to detect and respond to threats. Develop, **implement**, and maintain **detection rules and signatures** for security monitoring tools. - Participate in day-to-day operations, including **monitoring security alerts**, triaging potential incidents, performing in-depth analysis, and conducting **threat hunting activities**. - Drive the execution of **complex security hardening** and risk mitigation initiatives across **cloud and OT environments**, ensuring alignment with industry standards and compliance requirements. - Under the responsibility of the Information Security Manager, take charge of active security incidents, **carry out in-depth analysis, implement containment and remediation efforts**, and collaborate with other teams to restore affected systems and prevent future occurrences. **Your Profile**: **Technical Skills**: - **Strong expertise** in at least one **SIEM** platform. - Experience **writing and tuning detection** rules. - Understanding of attacker tactics, techniques, and procedures (MITRE ATT&CK) and how to translate them into **effective detection logic**. - Proven experience in threat hunting, incident triage and **log analysis**. A first **experience** in a **SOC/CERT** is **valuable**. - Experience deploying and managing detection pipelines and **log forwarding infrastructure**. - Knowledge of **IoT** security. - Knowledge of cloud platforms, such as **AWS** or GCP. - Familiarity with **GitHub's CI/CD** pipelines and infrastructure-as-code tools such as **Terraform** is a nice-to-have. - Interest in enabling secure use of AI tools to drive efficiency, creativity, and impact internally is a plus. **Mindset**: - **Excellent problem-solving and analytical skills**: You have tackled complex security issues during time-sensitive incident responses, demonstrating adversarial and systemic thinking with a pragmatic, risk-based approach. - **Strong communication and interpersonal skills**: You can adapt your communication style to different messages and audiences, whether technical or non-technical. You have experience coordinating security tasks across teams. - **Adaptability**: You are a "_Jack or Jane of all trades_." You comfortably dive into non-technical parts of the business to assess security needs and provide support. You've shown high learning agility and thrive in fast-paced environments. - **Autonomy**: You can deliver solutions end-to-end with a strong sense of ownership and independence. - Experience using data to inform decisions and evaluate effectiveness of security measures (metrics, KPIs, assessments) is a nice-to-have. **What Elect