Cybersecurity Engineering Lead

As the Cybersecurity Engineering Lead, you design, implement and enhance security and controls across on‑premise, cloud and application environments. In this role, you report to the Head of Cybersecurity and supervise two Mobile Implementation Officers (MIOs). You also provide technical support for compliance activities, audits, vulnerability remediation and third‑party security, ensuring that cybersecurity and compliance requirements are delivered consistently in line with MSF OCB standards. You ensure that security controls and configurations are properly built, hardened and maintained over time. Your work strengthens MSF’s trustworthiness for patients, staff, donors and partners by establishing and sustaining robust, well‑evidenced security measures. You collaborate closely with key stakeholders, including the Cybersecurity Team, the Data Protection Officer, infrastructure and cloud teams, DevOps, staff in countries of operation, Data and Analytics, procurement and legal, to embed strong security and controls across MSF’s technology landscape. MAIN RESPONSIBILITIES Cybersecurity control implementation & hardening Implement and maintain technical security controls across MSF’s infrastructure and cloud (Azure AD / Entra ID, M365, Defender, Sentinel, firewalls, VPN, endpoint protection) Implement Zero Trust and secure-by-default principles, apply secure configuration baselines and hardening standards (servers, endpoints, cloud, identities) using applicable frameworks such as CIS and Microsoft baselines Secure software delivery & by design Work with relevant teams to embed security checks (such as SAST/DAST, dependency scanning, secrets management) into CI/CD workflows and support secure solution designs Implement and support technical measures for -by-design and -by-default (data minimisation, role-based access, encryption, logging and retention for personal data) Provide technical input to DPIAs and help implement -related controls (e.g. retention policies, consent/preference handling, restricted debug logging) together with application owners and the DPO Vulnerability remediation & testing Collaborate with the Information Security Operations Specialist and system owners to remediate vulnerabilities, focusing on structural fixes (baseline changes, configuration hardening, architectural improvements) Support planning and follow-up of penetration tests / red-team exercises and lead or assist in implementing remediation actions Provide the technical view of remediation progress and recurring weaknesses, and propose improvements to controls and baselines Third-party / vendor technical security Perform technical security and risk due diligence on vendors and third parties during procurement and renewals (cloud services, SaaS, tools, MSPs). Review vendor security documentation, certifications and data-protection terms, identify gaps and recommend technical mitigations. Define and support implementation of t