Security Analyst - CyberOps W/M

Air Liquide Europe Business Services (ALEBS) was created in 2019 in Lisbon, Portugal, with the mandate to provide financial services for Air Liquide European entities. In four years, it expanded to over 400 employees across three locations: Lisbon, Tomar, and Guarda. The scope extended beyond European affiliates to include entities in Africa, Middle East, and India, and now encompasses not only Finance but also Human Resources.

The Security Analyst supports the Information Security Officer in maintaining Governance, Risk Management, and Compliance standards across Digital & IT environments. They are vital for safeguarding the cybersecurity integrity of Air Liquide's IT and OT systems, as well as sensitive data, by ensuring adherence to Global security governance.

This role is part of a global cybersecurity organization characterized by diverse cultures, local and global operational requirements, and complex technological landscapes.

Note: This position is available in three locations: Lisboa, Tomar, and Guarda.

1. Handle validation of operational security requests - Tickets queue
   • Review firewall and peering requests to verify compliance with Group policies, standards, and industry best practices.
   • Analyze cybersecurity tickets, including blocked website requests, Admin access, application whitelisting requests, and other ad hoc cybersecurity tickets.
   • Identify potential security risks and understand legitimate business needs and operational constraints.
2. Vulnerability management & Ad-hoc security reviews
   • Manage and assess risks related to vulnerabilities across critical systems, including alerts from Group tools such as Qualys, PPP, PRISMA, Security ScoreCard, Serenity, etc.
   • Track remediation plans for vulnerabilities and penetration testing.
   • Assess the accuracy and completeness of ServiceNow CMDB data in cybersecurity processes.
3. Develop and Maintain Cybersecurity Dashboarding and Reporting tools
   • Analyze current cybersecurity KPIs to ensure relevant metrics are reported.
   • Compile and distribute reports on cybersecurity KPIs to stakeholders at regular intervals.
4. Support Compliance & Security Controls
   • Gather evidence for Group CDA compliance activities.
   • Assist in maintaining compliance with security policies and regulations.
   • Support audits by providing technical inputs and evidence related to security controls.

• Minimum 4 years of experience in Cyber Security, risk management, and/or compliance.
• Certifications such as CISSP, CISM, GSOC, MSOA, GEVA, CVA, etc.
• Understanding of risk management, IT controls, and security standards.
• Knowledge of frameworks like SOC2, ISO 27001, NIST, etc.
• Experience securing cloud environments.
• Familiarity with regulations like GDPR, PCI, Medical, FDA, DOT, etc.
• Excellent communication skills in English (C1 level).

#LI-LR1

At Air Liquide, we are committed to building a diverse and inclusive workplace that values the diversity of our employees, customers, patients, community stakeholders, and cultures worldwide.

We welcome applications from all qualified candidates, regardless of background. We believe diversity fosters innovation, allows individual and collective talent to flourish, and helps us succeed in a changing world.