CTC003352 - Permanent - Security Analyst Level 2 (1 senior and 1 junior)

Job type: Contract
Duration:
Work mode: On Site

Description

Main tasks

o SIEM maintenance

o resources monitoring, platform incident management, platform update

o log custom SIEM parsers development and maintenance

o collection sources monitoring

o Internal and Threat intelligence feeds management

o reports and alerts rules maintenance and evolution

o AAA (role and rights management = segregation)

o Log gathering run and extension to new assets and new scopes

o Development of scripts for in-depth reporting and data science based on logs, PCAP...

o Detection strategy and architecture + other technical documentation maintenance

o Reporting on the maintenance platforms with KPI of performance, availability, coverage, etc.

o Development/deployment of other security tools (IOC tools, security network monitoring tools...)

o Alerts, anomalies and incidents qualification and handling (when no procedure exists for this kind of incidents)

o Knowledge base maintenance with response plan and workflow definitions for recurrent kind of incidents

o Specific reporting and dashboard maintenance on incident management

o Incident management coordination: Investigation and Forensics lead. Follow-up with skill teams until conclusion of the security incident

One of the FTEs needs to be more senior, so in addition:

o Local relay for Paris’ SOC functional lead

o Report on SOC efficiency and coverage to Paris’ SOC and SG GSC’s SOC customers

o Crisis management

Skills required

o For Junior FTE:

o Previous experiences as a security analyst (3 years minimum) or as a pentester (3 years minimum), or otherwise as an expert in an operational security team (5 years minimum)

o For Senior FTE:

o Previous experiences as a SOC manager (3 years), SOC incident coordinator (3 years) or as a Security Project leader (5 years)

o Leadership and good communication skills

o Risk analysis experience and skills

o Mastering ITIL

o Mastering security policies, process and procedures definition

o For Both

o IT engineer

o Previous experiences as a SIEM expert (3 years minimum) with experience in RSA Security Analytics administration or otherwise in other SIEM technologies (next-generation SIEM like Qradar or Arcsight)

o Mastering network protocols and systems architecture

o Security Log analysis skills

o Development skills in shell, bash, Python, etc

o Good knowledge of main network protocol and architecture

o Malware analysis skills

o Mastering operational English language (French nice to have)

o Pen-testing skills are a nice to have
