Cybersecurity Engineering Lead at Medecins Sans Frontieres (MSF)

• As the Cybersecurity Engineering Lead, you design, implement and enhance security and privacy controls across on‑premise, cloud and application environments. In this role, you report to the Head of Cybersecurity and supervise two Mobile Implementation Officers (MIOs). You also provide technical support for compliance activities, audits, vulnerability remediation and third‑party security, ensuring that cybersecurity and compliance requirements are delivered consistently in line with MSF OCB standards.
• You ensure that security controls and configurations are properly built, hardened and maintained over time. Your work strengthens MSF’s trustworthiness for patients, staff, donors and partners by establishing and sustaining robust, well‑evidenced security measures. You collaborate closely with key stakeholders, including the Cybersecurity Team, the Data Protection Officer, infrastructure and cloud teams, DevOps, staff in countries of operation, Data and Analytics, procurement and legal, to embed strong security and privacy controls across MSF’s technology landscape.

MAIN RESPONSIBILITIES 

Cybersecurity control implementation & hardening

• Implement and maintain technical security controls across MSF’s infrastructure and cloud (Azure AD / Entra ID, M365, Defender, Sentinel, firewalls, VPN, endpoint protection)
• Implement Zero Trust and secure-by-default principles, apply secure configuration baselines and hardening standards (servers, endpoints, cloud, identities) using applicable frameworks such as CIS and Microsoft baselines

Secure software delivery & privacy by design

• Work with relevant teams to embed security checks (such as SAST/DAST, dependency scanning, secrets management) into CI/CD workflows and support secure solution designs
• Implement and support technical measures for privacy-by-design and privacy-by-default (data minimisation, role-based access, encryption, logging and retention for personal data)
• Provide technical input to DPIAs and help implement privacy-related controls (e.g. retention policies, consent/preference handling, restricted debug logging) together with application owners and the DPO

Vulnerability remediation & testing

• Collaborate with the Information Security Operations Specialist and system owners to remediate vulnerabilities, focusing on structural fixes (baseline changes, configuration hardening, architectural improvements)
• Support planning and follow-up of penetration tests / red-team exercises and lead or assist in implementing remediation actions
• Provide the technical view of remediation progress and recurring weaknesses, and propose improvements to controls and baselines

Third-party / vendor technical security

• Perform technical security and risk due diligence on vendors and third parties during procurement and renewals (cloud services, SaaS, tools, MSPs).
• Review vendor security documentation, certifications and data-protection terms, identify gaps and recommend technical mitigations.
• Define and support implementation of technical requirements in contracts, SLAs, DPAs and SoWs (e.g. encryption, logging, incident notification, access control, patching, data location and retention).

Collaboration, Compliance, frameworks & incident support

• Coordinate the technical collection, consolidation and secure transfer of required logs and artefacts (SIEM, endpoints, network, cloud, applications)
• Support technical analysis during incidents or suspected data breaches (config checks, cloud/integration review)
• Maintain clear technical documentation (baselines, reference architectures, vendor assessments, privacy controls, remediation plans) to support operations and audits
• Stay current with emerging threats, tools and vendor capabilities in cloud, identity, application security, vulnerability management, privacy-enhancing technologies and third-party risk, and propose pragmatic improvements to MSF’s security posture

REQUIREMENTS 

Education & Experience

• Education: Master's Degree (or equivalent) in information security, Cybersecurity, Computer Science, Information Technology, Cybersecurity, or a related area of study
• Professional Certifications: Relevant certifications such as CEH, CISA, CISM, CISSP, CompTIA Security+, ISO/IEC 27001 (Lead Implementer/Auditor), GIAC, or equivalent
• Security Engineering Experience (Minimum 5 years): Proven hands-on experience designing, implementing, and operating technical security controls across identity, endpoint, network, cloud, and application environments.
• Microsoft Security Stack (Minimum 5 years): Practical experience securing Microsoft environments, including Entra ID/Azure AD, Microsoft 365, Defender suite, and Microsoft Sentinel
• Vulnerability & Monitoring Platforms (Minimum 5 years): Experience configuring and operating vulnerability management tools, SIEM/SOC platforms, firewalls, and related security technologies; managing remediation and follow-up
• Compliance & Assurance (Minimum 4 years): Experience supporting or leading audits and control implementation aligned to GDPR/Data Protection, ISO 27001 (ISMS), PCI DSS, and similar frameworks.
• Cloud Security: Familiarity with Microsoft Azure architecture and associated security controls and reference frameworks