Location: Paris, Saint Maurice
Remoting work: Possible, with 3 days at onsite in customer premises initially for few months, later can move to 1 day per week at office model or occasional travel.
Type of role: Permanent
· Experience in a Security Operations Center
· Data analyze
· SIEM (framework to treat data analyze)
· The selected candidate(s) will have to analyse the alerts and security monitoring reports and identify patterns, apply domain intelligence/context to study if the alerts are real/relevant and take necessary actions.
· The candidate will have to discuss with all business and IT domains, as relevant, to get the analysis completed, identify actions together with the experts and find solutions to resolve and to prevent
· Will work with the Corporate Cybersecurity division in aligning the monitoring and security solutions and SOC approaches and continuously improve:
· Build rules and intelligence to detect threats,
· Develop SOC Use Cases, Implementation of SOC platform tools / solution.
· Experience with Security Operations Center, network event analysis and/or threat analysis,
· Experience analysing data from cybersecurity monitoring tools such as SIEM / SOAR platforms, host and network logs, firewall and IPS/IDS logs and email security gateway,
· Experience in Digital Forensics (disk and memory analysis),
· Experience on Malware Analysis and reversing,
· Knowledge of various security methodologies and technical security solutions,
· Strong understanding of security operations concepts: perimeter defence, endpoint management, data leak prevention, kill chain analysis and security metrics,
· Knowledge of the common attack vectors on various layers,
· Knowledge and experience working with the Cyber Kill Chain Model, MITER ATT&CK Matrix,
· Possibly experience on Splunk and Amazon Web services environment
|Job Category||Security Operations Center Analyst|