CTC003352 - Permanent - Security Analyst Level 2 (1 senior and 1 junior)
Job type: Contract
Duration:
Work mode: On Site
Description
Main tasks
o SIEM maintenance
o Resource monitoring, platform incident management, platform updates
o Custom SIEM log parser development and maintenance
o Collection source monitoring
o Internal and threat intelligence feed management
o Report and alert rule maintenance and evolution
o AAA (role and rights management = segregation)
o Log gathering run and extension to new assets and new scopes
o Development of scripts for in-depth reporting and data science based on logs, PCAP...
o Detection strategy and architecture + other technical documentation maintenance
o Reporting on the maintenance platforms with KPI of performance, availability, coverage, etc.
o Development/deployment of other security tools (IOC tools, security network monitoring tools...)
o Alert, anomaly and incident qualification and handling (when no procedure exists for this kind of incident)
o Knowledge base maintenance with response plans and workflow definitions for recurrent kinds of incidents
o Specific reporting and dashboard maintenance on incident management
o Incident management coordination: Investigation and Forensics lead. Follow-up with skill teams until conclusion of the security incident
One of the FTEs needs to be more senior, so in addition:
o Local relay for Paris’ SOC functional lead
o Report on SOC efficiency and coverage to Paris’ SOC and SG GSC’s SOC customers
o Crisis management
Skills required
o For Junior FTE:
o Previous experiences as a security analyst (3 years minimum) or as a pentester (3 years minimum), or otherwise as an expert in an operational security team (5 years minimum)
o For Senior FTE:
o Previous experiences as a SOC manager (3 years), SOC incident coordinator (3 years) or as a Security Project leader (5 years)
o Leadership and good communication skills
o Risk analysis experience and skills
o Mastering ITIL
o Mastering security policy, process and procedure definition
o For Both
o IT engineer
o Previous experiences as a SIEM expert (3 years minimum) with experience in RSA Security Analytics administration or otherwise in other SIEM technologies (next-generation SIEM like Qradar or Arcsight)
o Mastering network protocols and systems architecture
o Security Log analysis skills
o Development skills in shell, bash, Python, etc.
o Good knowledge of main network protocols and architectures
o Malware analysis skills
o Mastering operational English language (French nice to have)
o Pen-testing skills are a nice-to-have