• Engineer Security via IaC: Design and maintain reusable Terraform modules for IAM, networking, and logging. • Build Cloud Architecture: Deploy and manage AWS multi-account structures and Azure Hub-Spoke/Landing Zone architectures. • Own Identity & Access: Implement least-privilege IAM and automate identity lifecycles. • Direct Remediation: Own the remediation of vulnerabilities through engineering changes and patch automation. • Automate Security Ops: Develop automated remediation workflows. • Configure Native Security Stacks: Implement AWS GuardDuty, Azure Sentinel, etc. • Network & Encryption Engineering: Design VPCs, security groups, and implement WAFs. • Technical Compliance Implementation: Hands-on implementation of NIST 800-53 controls.

Company Description Nexthink is the leader in digital employee experience management software. The company provides IT leaders with unprecedented insight allowing them to see, diagnose and fix issues at scale impacting employees anywhere, with any application or network, before employees notice the issue. As the first solution to allow IT to progress from reactive problem solving to proactive optimization, Nexthink enables its more than 1,300 customers to provide better digital experiences to more than 18 million employees. Dual headquartered in Lausanne, Switzerland and Boston, Massachusetts, Nexthink has 9 offices worldwide. #LI-Hybrid Job Description As a Senior Corporate Security Engineer at Nexthink, you will be responsible for the security of our internal environment. You won't just be monitoring logs; you will be architecting the security fabric that enables our rapid growth. Working in close partnership with IT, business teams and, partnering with our Cloud and Application Security teams, you will secure the identity, devices, and applications used by "Nexthinkers" worldwide. You will own the security of a complex SaaS ecosystem, and lead detection and response for the corporate environment. What You Will Do Identity-Centric Security Architecture - Contribute to the design and support the implementation of passwordless authentication and Zero Trust principles. - Manage secure provisioning and lifecycle management, ensuring least-privilege access across all business systems. - Partner with HR and IT to streamline onboarding/offboarding workflows, ensuring timely access revocation and auditability. Endpoint & Infrastructure Security - Define and enforce security baselines for our diverse fleet of endpoints (Windows, macOS) and mobile devices via MDM (Intune/Jamf). - Manage and tune EDR/XDR solutions to ensure high-fidelity detection on workstations and servers (Windows, Linux, macOS). - Secure the corporate Azure footprint, ensuring proper configuration of subscriptions, networking, and resources distinct from our production product environment. - Proactively identify and mitigate security risks in our corporate environment, conducting regular security assessments and vulnerability scans. - Coordinate vulnerability management and patch management - Collaborate with IT to automate endpoint compliance checks and remediation workflows. Security Engineering - Support the development and maintenance of Infrastructure-as-Code. - Ensure hardening and compliance of endpoints and servers. SaaS Security & Integration - Assess and secure third-party SaaS integrations (e.g., Salesforce apps, browser extensions, productivity tools) to prevent data leakage and over-privileged access. - Collaborate with Legal and Compliance to vet new vendors and tools. - Configure and maintain CASB and DLP policies to safeguard sensitive corporate data without hindering productivity. Detection, Response & Automation - Lead incident response activities for corporate security events (phishing, malware, lost devices). - Develop automation scripts (Python/PowerShell) and workflows (SOAR) to automate manual security tasks, evidence collection, and response actions. - Proactively hunt for threats within the corporate network and identity providers. - Develop incident response playbooks including technology specific procedures and forensics collection Audits and Compliance - Design and implement security controls to safeguard corporate resources, including endpoints, data storage, networking, computing and identity and access management. - Support and automate evidence collection for audits. Culture & Collaboration - Act as the primary security liaison to the IT Department and business teams, helping them build security into their operations (DevSecOps for IT). - Design and deliver technical security training and awareness campaigns for engineering and business teams. Qualifications - 5-8 years of hands-on experience in Corporate Security, IT Security Engineering, or a SOC role in a cloud-first environment. - Endpoint Mastery: Experience hardening operating systems (macOS/Windows) and managing security via MDM/UEM tools. - Vulnerability management: Proven experience in helping IT and business teams patching systems and infrastructures. - Coding Skills: Proficiency in Python and Terraform for automating APIs and security workflows. - Security Ops: Proven experience with EDR tools and SIEM log analysis. - Communication: Fluent in English with the ability to explain complex risks to non-technical stakeholders. - Proven ability to influence and drive security best practices across non-security teams. - Experience with security awareness training platforms and phishing simulation tools. Bonus Points - Identity Expertise: Deep technical knowledge of Okta and Microsoft Entra ID (Authentication policy, Conditional Access, SSO, SCIM, OIDC/SAML). - Experience implementing FIDO2/WebAuthn (Passwordless). - Proficient in PowerShell. - Familiarity with compliance standards (ISO 27001/27701, SOC 2, FedRAMP) - Experience securing Cloud Infrastructure (Azure/AWS) specifically for internal/corporate workloads. Why Join Nexthink Security? - Impact: You will report directly into the CISO organization and have a tangible impact on the daily lives of employees and the safety of the company. - Opportunity to work on cutting-edge security projects, with visibility and support from executive leadership. - Technology: We use top-tier security stacks. You won't be fighting with legacy on-premise hardware; we are cloud-native. - Culture: We value "Security as an Enabler," not a blocker. You will work in a supportive, highly technical environment in our Madrid hub Additional Information We are the pioneers and trailblazers of a global IT Market Category (DEX) that is shaping the future of how the world works, giving our customers' IT Teams total digital visibility across their enterprise. Our innovative solutions integrate real-time analytics, automation, and employee feedback across all endpoints. This enables our IT teams to solve complex technical challenges, create ever more productive workplaces, and deliver happy, satisfied employees in the digital workplace. With over 1000 employees across 5 continents, Nexthink operates as One Team, connecting, collaborating and innovating to continuously grow. We call our employees 'Nexthinkers' and our commitment to diversity, inclusion, and equity is second to none. We currently have over 75 nationalities working with us, from all cultures and backgrounds, speaking many different languages. If you are looking for a change and like a nice atmosphere, lots of challenges, and having fun while working, this is a great opportunity for you! Check what we offer: - Permanent Contract and a competitive compensation package. - Office location in 9m ARR, Rue de Caumartin. - Health insurance employee-employer paid options covering medical, dental, and optical treatments, hospitalization, and equipment and 100% employer-paid life insurance. - Hybrid work model balancing office and remote work, with a structured approach for new hires to foster connections and onboarding. - Flexible Hours and unlimited vacation (employees have unlimited paid time off on top of the 25 days of holidays we offer), RTT days, and 3 extra days for volunteering. - Free access to professional training platforms to explore your interests and enhance your skills. - 50% reimbursement on your Pass Navigo, making travel to and from work more affordable and sustainable. - 16 weeks of fully paid leave for primary caregivers, extendable up to 8 additional months unpaid, and 6 weeks of fully paid leave for secondary caregivers. - Reimbursement for fitness, gym memberships, and sports participation up to 25 EUR/month. - Bonuses for referring successful hires after three months of continuous employment. Please note that not all the benefits listed above are available for temporary, contract, and internship roles. To ensure you have the most up-to-date information, we recommend checking with your Recruitment Partner.

The Manager of Cybersecurity Advisors leads a regional team from Prague responsible for delivering exceptional service to Rapid7 Managed Services customers across Central Europe. This role focuses on driving customer satisfaction, retention, and growth while evolving proactive engagement strategies to support customers' security operations programs. About the Team The Cybersecurity Advisor team is part of the EMEA Customer Success organisation, supporting Managed Services customers in strengthening their security operations and managing complex threats. The team plays a critical role in driving customer outcomes, retention, and long-term success with Rapid7 solutions. About the Role As a Manager of Cybersecurity Advisors, your primary responsibility will be to lead and develop a team supporting Rapid7's Managed Services customers. You will drive customer satisfaction, retention, and growth across Central Europe while implementing proactive engagement strategies to advance customers' security operations maturity. In this role, you will also collaborate cross-functionally with product, sales, marketing, and technology teams to continuously enhance service delivery and overall customer outcomes. In this role, your primary responsibility will be to manage a team. Specifically, your focus will be to: - Lead a portion of our global Cybersecurity Advisor team for Rapid7 Managed Services - Recruit, mentor, and retain excellent team of Cybersecurity Advisors across Rapid7 Managed Services - Be responsible for the Central European Managed Services customer book of business. Building relationships with those customers, owning customer escalations and forecasting customer health. - Drive collaboration, learning and process improvement in the Cybersecurity Advisor team to scale Managed offerings and drive smart growth in the business - Collaborate with Rapid7 Managed SOC and technology teams and the broader Rapid7 Products organization to improve Rapid7 Managed offerings and the technologies that enable them - Collaborate with Rapid7 Services and Customer Success organizations focused on maturity - Interface with key customers/prospects on service strategy and service issues The skills and qualities you'll bring include: - Experience leading, developing, and mentoring high-performing teams, with the ability to inspire, represent the team internally, and collaborate with partners - Ability to translate big-picture goals into clear, actionable steps, execute quickly, and adapt to achieve meaningful outcomes - Strong prioritization and organizational skills, with the ability to manage competing demands effectively - Strong client relationship management experience, including the ability to manage a book of business, track KPIs and metrics, and drive customer retention and growth - Ability to build and maintain executive-level relationships, including with CISOs, and effectively manage escalations - Strong understanding of security operations and enterprise technologies, with the ability to engage in technical discussions related to SOC environments - Ability to navigate change with a forward-looking mindset, understanding the "why" and supporting others through it - Outstanding communication skills, both written and verbal - Demonstrated experience interfacing with customers and prospects - Demonstrated ability to work cross-functionally and build strong relationships across teams, levels, and departments - Willingness to travel occasionally as required - Core Values Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success. We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today! #LI-SIM About Rapid7 At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we're continuing to push the envelope just like we' ve been doing for the past 20 years. If you 're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us.

Do you want to boost your career and collaborate with expert, talented colleagues to solve and deliver against our clients' most important challenges? We are growing and are looking for people to join our team. You'll be part of an entrepreneurial, high-growth environment of 300.000 employees. Our dynamic organization allows you to work across functional business pillars, contributing your ideas, experiences, diverse thinking, and a strong mindset. Are you ready? The Team Our Digital Platforms Practice helps some of the largest global firms and most recognizable brands deliver value and business transformation enabled by digital ERP solutions and services. Our ERP services, covering strategy, implementation and innovation, help clients deliver true value and achieve their transformation agenda. The Role As a SAP Security/GRC Consultant, you will work closely with diverse clients to assess their SAP security risks, design and implement tailored SAP Security and Governance, Risk & Compliance (GRC) solutions, and drive successful project delivery. You will act as a trusted advisor, helping clients align SAP security frameworks with business objectives and compliance mandates. - Lead SAP Security and GRC assessment, design, and implementation projects for clients across industries. - Conduct client workshops and requirements gathering sessions to understand business and security needs. - Design and configure SAP security roles, authorizations, and GRC Access Control components (Access Risk Analysis, Emergency Access Management, Access Request Management). - Develop and enforce Segregation of Duties (SoD) policies to mitigate risks and ensure compliance. - Deliver SAP Security and GRC gap analysis, risk assessments, and remediation plans. - Support clients during audits by preparing documentation, reports, and facilitating access reviews. - Provide strategic advice on SAP security best practices, compliance frameworks (SOX, GDPR, HIPAA, etc.), and process improvements. - Collaborate with cross-functional teams including Basis, functional consultants, and IT auditors to implement secure SAP landscapes. - Conduct end-user training sessions and knowledge transfer workshops. - Stay abreast of SAP security trends, new releases, and regulatory changes to provide proactive consulting.