SEC-IT

About the Company

SEC-IT, filiale du groupe MCA, est le partenaire de référence en cybersécurité, combinant expertise en audit conseil, sécurité opérationnelle et formation pour accompagner les entreprises dans des secteurs stratégiques tels que la technologie, les télécoms, le transport, la banque, l'industrie, les systèmes d'information et l'énergie. Certifié PASSI par l'ANSSI et prestataire terrain pour le dispositif Diag Cyber PME de BPI France, SEC-IT se positionne comme un acteur de confiance pour la protection des systèmes d’information. En s'appuyant sur la puissance de MCA, acteur incontournable de l'ingénierie et des hautes technologies avec plus de 30 ans d'expérience et une présence établie en France, Belgique, Allemagne, Pays-Bas, Suède, Italie et Espagne, SEC-IT offre une synergie unique entre savoir-faire local et vision internationale. Notre mission : Agir pour la maitrise des risques cyber au sein des entreprises et des organismes publics, en apportant à nos consultants des perspectives de carrière enrichissantes et à nos clients des services de cybersécurité sur mesure, pragmatiques et à forte valeur ajoutée. Pour en savoir plus www.sec-it.fr

Listed Jobs

Company Name

SEC-IT

Job Title

Architecte IAM/IGA/PAM Cyber-sécurité

Job Description

**Job Title:** IAM/IGA/PAM Security Architect **Role Summary:** Design, implement, and manage identity and access management (IAM), identity governance and administration (IGA), and privileged access management (PAM) solutions. Lead proof‑of‑concepts, oversee integration with enterprise applications, maintain production environments, and produce technical and functional documentation to optimize identity lifecycle and access governance. **Expectations:** - Deliver high‑impact IAM/PAM projects at enterprise scale. - Collaborate with cross‑functional teams to align identity strategy with business objectives. - Ensure data quality, audit readiness, and compliance with security standards. - Continuously improve processes for identity provisioning, de‑provisioning, and privileged access controls. **Key Responsibilities:** - Develop and run POCs for standard and privileged account solutions. - Manage access permissions, entitlements, and escalation pathways. - Own IAM project planning, execution, and status reporting. - Maintain production (MCO) and continuous service (MCS) of IAM tools. - Integrate identity data from subsidiaries and client applications. - Conduct tool testing, performance validation, and security reviews. - Write and maintain technical and functional specifications and documentation. - Drive data quality initiatives to enhance identity and access accuracy. **Required Skills:** - Deep expertise in IAM, IGA, and PAM technologies (e.g., Microsoft Identity Manager, SailPoint, CyberArk, Okta, OneLogin). - Hands‑on experience with identity provisioning, access reviews, privilege elevation, and entitlement management. - Understanding of integration patterns (REST, SOAP, LDAP, SAML, OAuth, OpenID Connect). - Proficiency in scripting/automation (PowerShell, Python, Bash). - Strong analytical and problem‑solving abilities. - Excellent written and verbal communication for technical and functional documentation. - Ability to work independently and as part of multidisciplinary teams. **Required Education & Certifications:** - Master’s degree (Bac+5) in Computer Science, Information Systems, Cybersecurity, or a related discipline. - Professional certifications in IAM/PAM (e.g., Microsoft Certified: Azure AD Administrator, CyberArk PA-CP, SailPoint IdentityIQ Specialist, Okta IAM Engineer). - Validated experience in delivering IAM/IGA/PAM projects in enterprise environments.

Bouches-du-rhône, France

Hybrid

30-10-2025

Company Name

SEC-IT

Job Title

Consultant(e) Gouvernance GRC

Job Description

**Job Title:** GRC Governance Consultant **Role Summary:** Lead the design, implementation, and continuous improvement of Governance, Risk, and Compliance (GRC) frameworks for a regional partner and its subsidiaries. Standardize processes, enforce security controls, and drive risk treatment planning while collaborating closely with architects, security teams, and external stakeholders. **Expectations:** - Deliver end‑to‑end GRC solutions aligned with EBIOS and ISO 27005 standards. - Act as a change agent pushing for stronger security practices across multiple organizations. - Own the risk treatment plan as a primary driver of risk mitigation initiatives. **Key Responsibilities:** - Formalize, document, and homogenize security processes across partner entities. - Conduct security control assessments, ensuring compliance with defined objectives. - Challenge existing security measures, proposing enhancements and validating them through risk scenario analysis. - Develop and maintain risk treatment plans, including risk acceptance, reduction, or transfer strategies. - Provide evidence-based justification for security obligations in assurance and risk treatment plans. - Collaborate with architects, developers, and other functional teams to integrate GRC requirements into product and system lifecycles. - Perform scanning, trace verification, and log analysis using established security tools. - Coordinate the deployment, testing, and operation of middleware and cloud environments, ensuring security controls are active and auditable. - Mentor colleagues and deliver concise risk‑related training or workshops as needed. **Required Skills:** - Deep knowledge of EBIOS risk assessment methodology and ISO 27005 best practices. - Experience with security scanning, log review, and trace verification tools. - Strong analytical and critical‑thinking capabilities; ability to construct evidence‑based arguments. - Proficiency in risk treatment planning, including scenario development and mitigation design. - Comfortable working in cross‑functional, matrix‑style teams and driving initiatives through influence rather than authority. - Excellent communication skills in French and English (both written and verbal). - Creative problem‑solving and a “build‑you‑can‑do‑it” mindset. **Required Education & Certifications:** - Bachelor’s degree in Information Security, Computer Science, or related field. - Professional certifications such as ISO 27001 Lead Implementer, EBIOS Practitioner, CRISC, or CISA are strongly preferred. - Demonstrated experience in a security audit or consulting role focused on governance, risk, and compliance.

Bouches-du-rhône, France

Hybrid

30-10-2025