EXMC
L'Ingénieur Senior Sécurité – IAM & SIEM est responsable de la conception, de la mise en œuvre et de la gestion opérationnelle de l'infrastructure de gouvernance des identités ainsi que des capacités de supervision de la sécurité de l'organisation. Position Summary : The Senior Security Engineer – IAM & SIEM is responsible for the design, implementation, and operational management of the organization's identity governance infrastructure and security monitoring capabilities. The role operates at the intersection of preventive control (IAM) and detective control (SIEM), requiring deep technical expertise, cross-functional leadership, and a strong understanding of regulatory frameworks applicable to the financial sector. The incumbent acts as a subject-matter expert across the full IAM lifecycle and SIEM pipeline, from architecture design to incident triage, and is expected to autonomously drive projects from initiation to delivery with minimal supervision. Key Responsibilities · Identity & Access Management o Design, deploy, and maintain enterprise IAM platforms (e.g., CyberArk, SailPoint, Microsoft Entra ID, Okta), including PAM, IGA, and federation services. o Define and enforce access governance policies: RBAC, ABAC, SoD controls, and privileged access workflows. o Lead IAM integration projects with critical systems (, cloud platforms, LDAP/AD, …) using standards such as SCIM, SAML 2.0, OAuth 2.0, and OpenID Connect. o Conduct IAM risk assessments and remediate audit findings related to access control deficiencies. · SIEM & Security Monitoring o Architect, tune, and operate SIEM platforms (e.g.,Splunk,) including data ingestion, normalization, and correlation rule engineering. o Develop and maintain detection content aligned with MITRE ATT&CK: use-case catalogue, detection logic, false-positive suppression, and alert lifecycle management. o Define SIEM KPIs and ensure log coverage across critical assets (endpoints, network perimeter, IAM stack, cloud workloads). o Lead SIEM-driven investigations and provide L3 support during major incidents; participate in post-incident reviews and lessons-learned. o Collaborate with the SOC to improve SOAR playbook automation and reduce mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR). o Monitor and integrate threat intelligence feeds to enrich detection use cases. Cross-Functional & Governance · Contribute to the security architecture review for new projects and technology changes. · Participate in the development and maintenance of security policies, standards, and procedures within the scope of IAM and monitoring.