CrawlJobs Logo
Sopra Steria Logo Sopra Steria · IT - Software Development

Cybersecurity Expert

Canada, Montréal · Job Posted September 30, 2025
Apply Position
Job Link Share

Job Description

As a Cybersecurity Subject Matter Expert, you will be responsible for proactively defining and embedding cybersecurity best practices throughout the entire software development lifecycle, from threat analysis, design, requirements management to cybersecurity case necessary for production activities. Your mission will be to act as an enabler, empowering teams to integrate cybersecurity seamlessly into their work to help build reliable, secure software for production ready systems.

Job Responsibility

  • Proactively define and embed cybersecurity best practices (ISO/SAE 21434, threat modeling, secure coding standards, etc.) throughout the entire software development lifecycle
  • Work side by side with architecture, development, and testing teams
  • Identify and analyze vulnerabilities, assess the impact of such vulnerabilities on systems assets
  • Establish robust security controls based on generated cybersecurity requirements and specifications
  • Verify and validate the cybersecurity posture of the system under analysis
  • Produce the required artifacts for cybersecurity case approval
  • Support teams in implementing resilient, production-ready solutions
  • Act as an enabler, empowering teams to integrate cybersecurity seamlessly into their work
  • Help build reliable, secure software for production ready systems for our customers

Requirements

  • Bachelor's or Master's degree in Computer Science, Software Engineering, Electrical/Computer Engineering, or a related field
  • Strong expertise in cybersecurity for embedded or safety-critical systems
  • Relevant cybersecurity certifications (e.g., CISSP, ISO 21434, TARA methodologies) are a strong asset
  • Exposure to cybersecurity assessment is a must, knowledge of auditing principles is appreciated
  • Solid knowledge of ISO/SAE 21434 standards and methodologies
  • Proficiency in threat modeling and secure coding practices (cert c++, Misra C/C++, ASPICE best practices)
  • Ability to collaborate with cross-functional teams (architecture, development, testing), with different area of expertise (Functional safety, SOTIF, safety of AI/ML based systems)
  • Technical leadership and the ability to communicate complex security concepts effectively

Nice to have

  • Relevant cybersecurity certifications (e.g., CISSP, ISO 21434, TARA methodologies)
  • Knowledge of auditing principles

What we offer

  • Hybrid Work
  • Industry leading medical, dental, and vision Insurance
  • Access to a telemedicine service
  • RRSP program
  • Personal and sick days
  • Recreation room with pool table and foosball table
Sopra Steria - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Cybersecurity Expert

8 matching positions

Embedded Product Cybersecurity Expert / ISO 21434, IEC 62443

As a Cybersecurity Engineer – Embedded Products, you will play a central role in...
Location
Location
Canada , Montréal
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s degree in Software, Electrical, Computer, or Automotive Engineering or a related field
  • 3–10 years of experience in automotive cybersecurity or embedded systems cybersecurity, with hands-on experience on TARA based on ISO/SAE 21434 processes
  • Solid foundation in embedded systems architecture, including deep understanding of MCU/SoC design constraints, real-time and Linux-based environments
  • Proficient with boot architectures and low-level debugging using interfaces such as JTAG, XCP and SWD
  • Solid understanding of communication protocols (CAN, CAN-FD, Automotive Ethernet, SOME/IP, UDS, UART, SPI, BT, Wi-Fi, USB, NFC, cellular, RF, etc.), and embedded security mechanisms (cryptography, secure boot, secure communication, key management, hardware root of trust, debug protections, memory protection, key storage and secure update mechanisms)
  • Proven ability to define Cybersecurity Goals and claims, derive Requirements, and ensure traceability through the development lifecycle
  • Excellent analytical, problem-solving, and documentation skills
  • Ability to work collaboratively with multi-disciplinary, multi-site engineering teams
Job Responsibility
Job Responsibility
  • Perform a comprehensive risk assessment of the current system architecture and identify item-level functions by applying the TARA process via recognized methods (e.g., ISO/SAE 21434 TARA, STRIDE, or similar)
  • Build and review item definitions, identify critical assets, potential attack vectors, threat scenarios, and evaluate associated risks at both ECU and vehicle levels
  • Derive Cybersecurity Goals and Cybersecurity Requirements (hardware, firmware, and system-level design) from the TARA results and ensure traceability throughout the product development lifecycle
  • Contribute to the Cybersecurity Concept (CSC) and ensure alignment with ISO/SAE 21434 and regulatory requirements
  • Collaborate with system, software, and hardware engineering teams to integrate recommended security measures (cryptography, secure boot, secure communication, key management, hardware root of trust, debug protections, memory protection, key storage and secure update mechanisms)
  • Evaluate protocols usage and propose cybersecurity countermeasures such as authentication, encryption, replay protection, secure pairing, and robust key management
  • Support validation activities for cybersecurity controls and participate in audits, reviews, and documentation of findings
  • Support compliance and customer requirements aligned with standards and frameworks (as applicable): CRA, ISO/SAE 21434, RED-DA, IEC 62443, NIST, etc
What we offer
What we offer
  • Hybrid Work
  • Industry leading medical, dental, and vision Insurance
  • Access to a telemedicine service
  • RRSP program
  • Personal and sick days
  • Recreation room with pool table and foosball table
  • Fulltime
Read More
Arrow Right

Subject Matter Expert – Cybersecurity

We are seeking a highly skilled Subject Matter Expert (SME) with deep expertise ...
Location
Location
Salary
Salary:
Not provided
hurix.com Logo
HurixDigital
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Cybersecurity, Information Security, Computer Science, or a related field
  • 5+ years of proven experience in cybersecurity roles including red teaming, security engineering, or GRC
  • Strong expertise in AI-specific security threats including prompt injection, jailbreaking, and supply chain vulnerabilities
  • Hands-on experience with frameworks such as OWASP, MITRE ATT&CK, and NIST
  • Proficiency in DevSecOps practices, including integrating security into CI/CD pipelines
  • Experience with identity and access management (IAM), RBAC, and data governance for AI systems
  • Solid understanding of incident response, risk assessment, and enterprise AI security strategy
  • Familiarity with compliance and governance standards such as ISO 27001, SOC 2, or GDPR
  • Excellent analytical and documentation skills with the ability to write clear security guidelines
Job Responsibility
Job Responsibility
  • Analyze/create learning objectives for each course
  • Review/create Course Outline for each of the courses
  • Review video scripts (7-9 per course) and confirm technical accuracy of the content, suggest edits and updates as required. Incorporate one round of internal and client feedback
  • Provide relevant static or recorded demos/ screencast to be integrated in the videos
  • Incorporate one round of internal and client feedback
  • In case of AI/software/tool-based courses, suggest relevant freeware. Write/review and test the codes to check
  • Review readings (4-6 per course, each up to 1200 words) and confirm technical accuracy of the content, suggest edits and updates as required. Incorporate one round of internal and client feedback
  • Create hands-on activities (1-2 lab or any other client preferred format) per course
  • Incorporate one round of internal and client feedback
  • Review practice quiz and graded assessments (5 files, each comprising 5-10 questions and suggest suitable edits, confirm technical accuracy. Incorporate one round of internal and client feedback
Read More
Arrow Right

Senior Cybersecurity Expert (Threat Intelligence)

At Bosch, we shape the future by inventing high-quality technologies and service...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field
  • Several years of experience in a technical cybersecurity role (e.g., CTI, SOC, Threat Hunting, Incident Response, DFIR)
  • Proven expertise in tracking and analyzing adversarial behavior, with strong knowledge of the cyber kill chain and MITRE ATT&CK framework
  • Ability to work methodically and independently while being an effective and reliable team player in a distributed team
  • Excellent communication skills with the ability to translate complex technical findings for diverse stakeholders
  • Strong scripting and tool development experience (Python, APIs, Git, Docker)
  • Fluent in English
  • German is a plus
Job Responsibility
Job Responsibility
  • Identify, analyze, and track threat actor TTPs and IOCs using threat prioritization frameworks and threat landscape monitoring
  • Investigate complex threat data to provide situational awareness, quantify trends, support ongoing investigations, and strengthen detection and response capabilities
  • Conduct in-depth technical analysis (searching, pivoting, enrichment) to support Threat Hunting and identify potential intrusions in Bosch networks and systems
  • Collaborate closely with cross-functional teams including Incident Response and Detection Engineering to integrate intelligence into detection and response workflows
  • Produce and deliver high-quality intelligence reports, briefings, and presentations tailored to technical, business, and executive audiences
  • Respond to Requests for Information (RFIs) and brief stakeholders on emerging campaigns and significant incidents
  • Develop and improve internal tools for threat analysis and monitoring (using Python, REST APIs, Git, Docker)
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Expert

At Bosch, we shape the future by inventing high-quality technologies and service...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field
  • Several years of experience in a technical cybersecurity role (e.g., CTI, SOC, Threat Hunting, Incident Response, DFIR)
  • Proven expertise in tracking and analyzing adversarial behavior, with strong knowledge of the cyber kill chain and MITRE ATT&CK framework
  • Ability to work methodically and independently while being an effective and reliable team player in a distributed team
  • Excellent communication skills with the ability to translate complex technical findings for diverse stakeholders
  • Strong scripting and tool development experience (Python, APIs, Git, Docker)
  • Fluent in English
  • German is a plus.
Job Responsibility
Job Responsibility
  • Identify, analyze, and track threat actor TTPs and IOCs using threat prioritization frameworks and threat landscape monitoring
  • Investigate complex threat data to provide situational awareness, quantify trends, support ongoing investigations, and strengthen detection and response capabilities
  • Conduct in-depth technical analysis (searching, pivoting, enrichment) to support Threat Hunting and identify potential intrusions in Bosch networks and systems
  • Collaborate closely with cross-functional teams including Incident Response and Detection Engineering to integrate intelligence into detection and response workflows
  • Produce and deliver high-quality intelligence reports, briefings, and presentations tailored to technical, business, and executive audiences
  • Respond to Requests for Information (RFIs) and brief stakeholders on emerging campaigns and significant incidents
  • Develop and improve internal tools for threat analysis and monitoring (using Python, REST APIs, Git, Docker).
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Complex environment of working, professional support and possibility to share knowledge and best practices
  • Ongoing development opportunities in a multinational environment
  • Broad access to professional trainings (incl. language courses), conferences and webinars
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Expert

Senior Cybersecurity Expert (Threat Intelligence) position at Bosch focusing on ...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field
  • Several years of experience in a technical cybersecurity role (e.g., CTI, SOC, Threat Hunting, Incident Response, DFIR)
  • Proven expertise in tracking and analyzing adversarial behavior, with strong knowledge of the cyber kill chain and MITRE ATT&CK framework
  • Ability to work methodically and independently while being an effective and reliable team player in a distributed team
  • Excellent communication skills with the ability to translate complex technical findings for diverse stakeholders
  • Strong scripting and tool development experience (Python, APIs, Git, Docker)
  • Fluent in English
Job Responsibility
Job Responsibility
  • Identify, analyze, and track threat actor TTPs and IOCs using threat prioritization frameworks and threat landscape monitoring
  • Investigate complex threat data to provide situational awareness, quantify trends, support ongoing investigations, and strengthen detection and response capabilities
  • Conduct in-depth technical analysis (searching, pivoting, enrichment) to support Threat Hunting and identify potential intrusions in Bosch networks and systems
  • Collaborate closely with cross-functional teams including Incident Response and Detection Engineering to integrate intelligence into detection and response workflows
  • Produce and deliver high-quality intelligence reports, briefings, and presentations tailored to technical, business, and executive audiences
  • Respond to Requests for Information (RFIs) and brief stakeholders on emerging campaigns and significant incidents
  • Develop and improve internal tools for threat analysis and monitoring (using Python, REST APIs, Git, Docker)
What we offer
What we offer
  • Annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Professional support and possibility to share knowledge and best practices
  • Ongoing development opportunities in a multinational environment
  • Broad access to professional trainings (incl. language courses), conferences and webinars
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Fulltime
Read More
Arrow Right

OT Cybersecurity Expert

We are seeking a highly skilled OT (Operational Technology) Cybersecurity Profes...
Location
Location
India , Navi Mumbai
Salary
Salary:
Not provided
percivon.com Logo
Percivon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or master’s degree in ECTC, computer science, Cybersecurity, or a related field
  • Minimum 4 years of experience in OT cybersecurity or industrial control systems security
  • Hands-on experience with SCADA systems, PLCs, DCS, and industrial network protocols (e.g., Modbus, OPC, BACnet, Profibus)
  • Knowledge of cybersecurity frameworks like IEC 62443, NIST 800-82, and ISO 27001
  • Proficiency in Claroty’s tools and software like CTD, SRA etc.
  • Strong understanding of network segmentation, firewall policies, and secure remote access solutions
  • Certifications or strong practical know how on (multiple if not all) – ISA/IEC 62443 Cybersecurity Certificates, Certified SCADA Security Architect (CSSA), Certified Information Systems Security Professional (CISSP), CompTIA Security+, Offensive Security Certified Professional (OSCP), Certified Information Systems Auditor / Manager (CISA) / (CISM)
  • Excellent problem-solving and analytical skills
  • Familiarity with safety instrument systems (SIS) and knowledge of industry standards such as IEC 61511
  • Excellent problem-solving skills and attention to detail
Job Responsibility
Job Responsibility
  • Design and Deployment: Architect and implement advanced security solutions tailored to OT environments, such as network segmentation, firewall configurations, and secure remote access gateways
  • Threat Detection and Response: Configure OT-specific intrusion detection systems (IDS), intrusion prevention systems (IPS), and anomaly detection tools of products from companies like Nozomi Networks or Claroty
  • Protocol Analysis: Analyze and secure industrial network protocols (e.g., Modbus, OPC-UA, DNP3, Ethernet/IP, Profibus, Profinet and other fieldbus protocols) against vulnerabilities and unauthorized activity
  • Security Hardening: Implement device hardening practices on PLCs, RTUs, and HMIs, legacy products, including secure firmware updates, role-based access control, and default credential elimination
  • Incident Management: Establish incident response plans for OT environments, including preparation, detection, containment, eradication, recovery, and post-incident review
  • Vulnerability Management: Conduct regular vulnerability scanning and patch management for OT systems, ensuring minimal downtime while adhering to operational requirements
  • Secure Integration: Lead the secure integration of IT-OT environments, ensuring compatibility while minimizing cybersecurity risks, such as lateral movement threats
  • Continuous Monitoring: Configure and maintain Security Information and Event Management (SIEM) systems specifically for OT environments to identify and respond to threats in real time
  • Compliance Audits: Perform in-depth compliance audits for standards like IEC 62443, NIST 800-82, and other relevant frameworks, ensuring regulatory alignment
  • Red Teaming and Penetration Testing: Simulate cyberattacks to test the resilience of OT systems, document findings, and implement necessary remediation measures
  • Fulltime
Read More
Arrow Right

Cybersecurity Expert (SOC & Cloud)

The Security team is excited to welcome a motivated Cybersecurity Expert to help...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
leadtech.com Logo
Leadtech Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor/ Master's degree in Cybersecurity, Information Security, Computer Science, or a similar discipline
  • Knowledge of Security frameworks such as ISO 27001, NIST, PCI-DSS, OWASP, GDPR
  • Knowledge of technical concepts such as cloud computing, code review, application security, cryptography, forensics, vulnerability detection (Azure & AWS are a must)
  • Deep Knowledge of cybersecurity/technical concepts such as: GNU/Linux systems
  • Microsoft Sentinel and Defender, as well as experience with writing KQL queries
  • Microsoft Azure (Network Security Groups, Recovery Services Vaults, Playbooks and Workbooks)
  • TCP/IP, DNS, and firewalls
  • Python, Bash, and SQL, Java, PHP
  • Familiarity with attack and exploitation techniques involving operating systems, applications, and devices (CISSP, CompTIA, CEH)
  • Understanding of security best practices for data and systems protection
Job Responsibility
Job Responsibility
  • Operate & optimize (and potentially Lead) a Security Operations Center (SOC)
  • Advanced Incident Investigation and Analysis
  • Handling Complex Threats: Investigating high-priority alerts escalated from Tier 1/2, such as potential APTs (Advanced Persistent Threats) or ransomware
  • Deep-Dive Analysis: Performing forensics on compromised systems, analyzing malware, and reconstructing attack chains using packet captures and log data
  • Cross-Source Correlation: Stitching together fragmented data from SIEM, EDR (Endpoint Detection and Response), and NDR (Network Detection and Response) tools to build a comprehensive picture of the attack
  • Proactive Threat Hunting and Detection Engineering
  • Threat Hunting: Proactively searching network and endpoint data for undetected, hidden threats rather than waiting for alerts
  • Rule Creation & Tuning: Developing custom detection logic and SIEM correlation rules to identify new malicious behavior
  • Reducing False Positives: Refining alert systems to minimize noise, ensuring the team focuses on genuine security incidents
  • Incident Response and Containment
What we offer
What we offer
  • Flexible career path with personalized internal training and an annual budget for external learning opportunities
  • Flexible schedule with flextime (7 - 9:30 a.m. start, 3:30 - 6 p.m. end)
  • Free Friday afternoons with a 7-hour workday
  • 35-hour workweek in July and August
  • Competitive salary
  • Full-time permanent contract
  • Top-tier private health insurance (including dental and psychological services)
  • 25 days of vacation plus your birthday off, with flexible vacation options—no blackout days
  • Office in Barcelona complete with free coffee, fresh fruit, snacks, a game room, and a rooftop terrace with stunning Mediterranean views
  • Ticket restaurant and nursery vouchers, paid directly from your gross salary
  • Fulltime
Read More
Arrow Right

Cybersecurity Subject Matter Expert

We are seeking an experienced Cybersecurity Subject Matter Expert (SME) to join ...
Location
Location
Luxembourg , Leudelange
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Information Systems, or a related field
  • 5+ years of experience in Cybersecurity Architecture with focus on business continuity and large-scale enterprise environments
  • Proven experience with cloud-native security on Azure and AWS
  • Practical knowledge of Agile and SAFe methodologies and their application to architecture design
  • Familiarity with architecture frameworks such as TOGAF and SABSA
  • Strong problem-solving, analytical, and communication skills
  • Experience in public sector or similarly complex, regulated environments is highly desirable
Job Responsibility
Job Responsibility
  • Provide strategic cybersecurity guidance across infrastructure, cloud, applications, and data
  • Advise on architecture and design, embedding security into all IT and business initiatives
  • Lead risk assessments, security reviews, and mitigation strategies
  • Drive secure deployment of cloud and hybrid solutions (Azure, AWS, GCP) and data protection initiatives
  • Provide IAM expertise and promote zero-trust, least-privilege principles
  • Integrate security into DevOps processes (DevSecOps) and leverage automation (Python) for monitoring and incident response
  • Act as a trusted advisor and mentor, shaping security practices and building organizational capability
What we offer
What we offer
  • Access to Sopra Steria training and personal development academy
  • Leased company car or mobility budget
  • Company laptop and mobile phone
  • Private health insurance
  • Meal vouchers
  • Social security and pension scheme
  • Competitive salary
  • 26 days holiday
  • Fulltime
Read More
Arrow Right