Cybersecurite à Canada

The Worldline Group and more particularly, its Global Business line, Merchant Services, is looking for an experienced Platform Lead with minimum 7 years’ experience in similar activities.

Axis is an in-store acceptance platform, serving various customers in retail, hospitality, transportation and petrol industries. AXIS is present mainly in Western Europe and serves +300 organized retail merchants with a portfolio of +40 payment and value-added applications.

Axis is a 10Bn transactions processing platform in 2024 complying with all international and European standards in security, data protection, and Business continuity.

The AXIS platform is hosted in a private hybrid cloud and operated in an infrastructure as a code and as a service, sharing roles and responsibilities with the Worldline Group Hybrid Cloud providers Worldline Merchant Services Shared Services, Worldline Merchant Services In person payment R&D, and other Worldline Group internal service providers to AXIS.

The AXIS Platform Run Organization looks for a SecOps expert to expand the current organization with expertise in key security topics, such as cryptography, cybersecurity P2PE, PIN, HSM to reinforce the team capabilities in such critical expertise.

As the SecOps expert, you will be a key contributor in optimizing security operations for our in-store payment platform including monitoring tools and processes, and ensuring a swift response to threats while maintaining compliance with industry regulations for payment systems.

In summary, our SecOps experts will work closely with the SecOps Manager and the Platform Management team:

• To coordinate actions with the Group, the MS, and the PS Security Teams requiring synchronization.
• To help in-store platforms SDPR security manager in yearly security training program definition, documentation, and organization.
• To develop tools to facilitate the platforms' security compliance (certificate management, code protection) and to develop security tools for R&D and RUN teams.

Key Responsibilities

1. Evangelization in Run and R&D team

• Contribute to fostering a culture of security awareness by R&D and Run teams.
• Provide training and growth opportunities to keep the team updated with emerging threats and technologies.

• Evaluate and integrate new technologies to enhance the platform’s security posture.
• Work closely with DevOps and IT teams to implement security best practices throughout the development lifecycle (DevSecOps).

• Provide regular reports to senior management on the status of the platform’s security and ongoing initiatives.
• Collaborate with product teams to ensure new features and services are secure by design.
• Ensure the security project structuration and up-to-date documentation.
• Participate in new solution design to bring operational security expertise and ensure platform compliance is met.

Tasks

• Build & manage the global calendar of all security actions decided together with all stakeholders.
• Based on the SDPR manager recommendation, the Expert defines the tools, implements the activity calendar, and communicates to contributors.
• Ensure that the activities are executed as per plan and alert the SDPR manager when deviation occurs.
• Prepare consistent report on the execution.
• Contribute to the knowledge transfers on security compliance topics inside of the in-store teams on the latest security standards & compliance.
• Contribute to the document drafting and or documents collection from each party and build the global package.
• Organize the training sessions and collect feedback on the content satisfaction.
• Define additional actions to help the in-store community to be sensitized on the security compliance.
• Participate in small development projects defined by the SDPR management.
• New tools to help the security compliance tracking.
• Follow-up of the platforms vulnerabilities tools improvements for more automation.
• Contribute to the certificate management automated process flow improvement.
• Additional tasks for developments can be requested by the SDPR manager linked to security.

Qualifications

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field with specialization in cryptography.
• 7+ years of experience in cybersecurity, with at least 3 years in a managerial role.
• In-depth knowledge of security frameworks and standards (e.g., PCI DSS, ISO 27001, NIST).
• Hands-on experience with security tools (e.g., SIEM, firewalls, endpoint protection, vulnerability scanners).
• Expertise in cloud security (AWS, Azure, or GCP).
• Strong understanding of payment systems and associated security challenges.
• Proven track record of managing security incidents and implementing preventive measures.
• Excellent leadership, communication, and project management skills.

Skills

• Certifications such as CISSP, CISM, CEH, or similar.
• Experience in DevSecOps practices and tools.
• Knowledge of scripting or programming languages for automation (e.g., Python, Bash).

Required Job related Experience:

• Minimum 7 years of experience in security operations with strong and proven expertise in cryptography.
• Proven track record of managing relationships with cloud providers and third-party vendors.
• Deep knowledge in cybersecurity of cloud platforms and payment system architectures.

Required Soft Skills

• Proven Leadership by exemplarity in delivering concrete results.
• Team Grow-up mindset.
• Capacity to conduct discussions with C-level management.
• Excellence in synthetic and “non-technical” explanation of technical things.
• Excellent level of English.
• Strong interpersonal and communication skills to coordinate with cross-functional teams and vendors.
• Proven ability to handle high-pressure situations and manage complex technical incidents.