Security Lead

Senior Security Consultant

About the role

We are looking for a

Senior Security Consultant

to join the

Group Information Security team

as part of a strategic, multi-year transformation program. This role focuses on the design, evolution, and governance of the

Minimum Technical Security Baseline (MTSB)

framework across the organization. You will provide deep technical expertise to define and refine security baselines aligned with corporate risk, working closely with Product SMEs, Security Leads, and governance bodies. Operating at the intersection of

technical security controls and enterprise governance , you will help ensure consistent, measurable, and enforceable security standards across infrastructure, cloud, endpoints, and enterprise platforms. If you combine strong technical foundations with the ability to align stakeholders and operate within governance structures, this role is for you.

What you’ll do

Define and update technical security baselines based on corporate risk exposure and threat landscape. Select and tailor controls from Center for Internet Security (CIS Benchmarks) to align with enterprise requirements. Organize and lead workshops with Product SMEs to refine control applicability, feasibility, and remediation impact. Validate and converge control selections within governance forums (e.g., Control Implementation Working Groups). Maintain and evolve a large-scale security controls framework (+100 high-level controls and thousands of low-level controls). Support product teams and entities during control implementation and remediation phases. Provide structured follow-up and reporting inputs for steering committees and executive governance bodies. Act as a technical authority across infrastructure, cloud, endpoint, and security tooling domains.

Must Have

5+ years of experience in IT Operations and Information Security. Proven expertise in

CIS Benchmarks, hardening standards, and technical security baselines . Strong understanding of enterprise IT environments: Servers (Windows / Linux); Workstations & mobile; Networks & access control; Cloud (AWS / Azure / GCP); Microsoft 365; Security tools (EDR, AV, proxy, patching solutions) Experience working within security governance and control frameworks. Ability to deep dive technically while aligning stakeholders in governance settings. Experience supporting large-scale control implementation programs. Fluent English (mandatory). Strong communication and workshop facilitation skills.

✨

Nice to Have

Experience in large international or matrix organizations. Exposure to ISO 27001, NIST, or enterprise security frameworks. Previous experience working within a Group CISO / Corporate Security function. Experience presenting in executive steering committees. Background in cloud security architecture or enterprise security engineering.

Why this role matters

This position plays a key role in strengthening the organization’s global security posture by defining the minimum technical standards that protect infrastructure, platforms, and business operations worldwide. You will operate at strategic scale while remaining deeply connected to technical realities — shaping how security is implemented across the enterprise.

Why join this project?

People first – diverse and inclusive culture in an international environment. Modern cloud platforms and large-scale, global projects. High team stability and collaborative culture. €1200 per year training budget and continuous learning opportunities. Flexible compensation model. Private health insurance and benefits package. ⚡ Flexible working hours and hybrid model. ️ Wellhub: fitness, wellness, and mental health support. ⚽ Football and paddle tennis teams sponsored by Capitole. Team buildings, global events, and strong tech communities.

✨

Want to know more about us?

Click

here

and discover all the details.

Curious about our culture?

Check out what people are saying about us on

Glassdoor .

We know that not every candidate will meet 100% of the requirements. If your profile doesn’t match perfectly but you believe you can add value, we’d still love to hear from you!

Ready for the challenge? Apply now and be part of a global team driving cloud innovation and security.

Empowering People, Unlocking Innovation.

Information Security Notice The employee will have access to confidential information related to Capitole and the assigned project. Compliance with internal security and information protection policies is mandatory. NDA signature required.