Security Operations Engineer

We are growing! We are looking for a Security Operations Engineer who can work with in a hybrid or a remote set-up. For this role, we are specifically looking for candidates based in Tunisia or Lebanon.

Who we are:

Founded in 2006, we’re proud to be a global business. From Shanghai to Paris, we have 12 offices and operate across four continents in 70 countries. We are home to over 250 professionals from around the world, working together to serve more than 230 luxury clients.

At CXG, we love to evolve, elevate, and transform experiences while bringing brand promises to life. We offer strategic solutions that impact performance and elevate the customer experience of some of the world’s most iconic premium and luxury brands.

What you will be doing:

The Security Operations Engineer is responsible for operating, maintaining, and improving the organization’s security controls across cloud and enterprise environments.

This role focuses on hands-on execution of security operations, ensuring that vulnerabilities are identified, security tools are effectively configured, and incidents are properly handled. The objective is to strengthen day-to-day security posture through structured processes, automation, and collaboration with engineering and IT teams.

Your duties will also involve:

Security Monitoring & Operations

• Monitor security alerts and investigate potential threats
• Operate and maintain security tools and platforms
• Support incident detection, analysis, and response activities
• Ensure proper logging, alerting, and escalation mechanisms are in place

Vulnerability Management & VAPT

• Run regular vulnerability scans using appropriate tools

• Support coordination of periodic penetration testing (e.g., quarterly or risk-based)
• Track vulnerabilities and ensure remediation follow-up
• Assist in validating fixes and reducing exposure over time

Application Security

• Run and maintain automated security testing tools (SAST, DAST, dependency scanning)
• Integrate security checks into development workflows
• Support developers in identifying and fixing vulnerabilities
• Contribute to improving secure development practices
• Automation-first approach. Manual intervention when necessary.

Cloud, Network & Infrastructure Security

• Support implementation and validation of security configurations in cloud environments
• Assist in reviewing identity and access controls
• Contribute to securing network configurations, firewall rules, and application protection mechanisms
• Support enforcement of encryption, logging, and monitoring standards

Microsoft 365 & Endpoint Security Leadership

• Operate and maintain enterprise security tools (e.g., Defender, endpoint/device management solutions)
• Monitor alerts and contribute to improving configurations
• Support identity protection and access control policies
• Assist in ensuring secure collaboration and data sharing

Third-Party & Vendor Security Governance

• Support security assessments of vendors and SaaS tools
• Assist in completing security questionnaires from clients and partners
• Contribute to tracking third-party security risks

Tool & AI Security Governance

•  Support security reviews of new tools and technologies
• Assist in evaluating risks related to AI-based solutions
• Ensure basic security requirements are considered during tool adoption

Incident Preparedness & Response

• Participate in security incident handling and investigations
• Document incidents and contribute to corrective actions
• Support implementation of preventive measures

Awareness, Adoption & Continuous Improvement

• Contribute to promoting security awareness across teams
• Support internal guidance on secure practices
• Continuously improve processes, tools, and controls
• Stay updated on emerging threats and security practices