Publication date: 2 November 2023
Position type: Permanent contract (CDI)
Work location: Tunis, Tunisia
Experience: Between 2 and 5 years
Education: Bac + 5 (five years of higher education)
Availability: Full time
Languages: French, English

Job description:

Our Cybersecurity team is looking for an Incident Response Analyst (m/f) to be based in Tunis.

The Incident Response Analyst will perform IS/IT security incident response tasks within Forvia’s Security Incident Response team (Level 2/3 SOC). This analyst will work closely with the Security Incident and Response Manager. This analyst shall also work with Forvia’s partners, who typically perform EDR detection tasks. He/she shall also contribute to enhancing all documentation and procedures, and propose/apply all necessary technical improvements to ensure proper responsiveness and efficiency of the team, especially enhancement of playbooks/automation as well as security rules.

Principal Duties and Responsibilities

  • Detect and respond to IS/IT security threats within our global corporate landscape, be it production, development or datacenter environments
  • Execute on incident response plans, identify root cause and drive mitigations to prevent future occurrences
  • Operate on all necessary technologies to identify and respond to IS/IT threats (in particular but not limited to our SIEM Elastic Security and our SOAR Palo Alto XSOAR)
  • Request necessary actions from other IT teams and follow up on their execution
  • Participate in projects that improve our intrusion detection and incident response capabilities
  • Participate in the creation and improvement of incident response procedures and remediation workflows – automation, context and orchestration as code
  • Participate in the creation and improvement of security detection rules on the SIEM
  • Be part of Faurecia’s first line of defense. We handle active security events and cutting-edge threats from a variety of sources, and you will be part of a 24/7 on call rotation

The ideal candidate will have/be:

Education and experience

  • “Cyber Security” relevant University degree
  • Real interest in the field of Cyber Security
  • 3 years of experience in Security Incident Response and associated best practices
  • Experience in identifying, analyzing, scoping, isolating and eradicating malware or hacking threats
  • Understanding of the current threat landscape and adversary tactics, techniques and procedures
  • Knowledge of enterprise-scale security technologies and capabilities including SIEM (Elastic), incident management (MISP), SOAR, threat intelligence, packet capture, protocol analysis/NetFlow usage, network and system monitoring and logging, malware analysis, firewalling / network filtering, IDS/IPS
  • Capacity to understand, design and enhance incident response processes
  • Strong knowledge of Linux, Windows, and network equipment operation
  • Knowledge in cloud technologies and cloud threat protection
  • Knowledge of network and host-based forensic methodologies, user behavioral analysis and other AI/ML oriented cyber security technologies
  • Scripting skills (Python is intensively used for our playbooks/automations)

Key competencies

  • Stress tolerance
  • Methodology, rigor
  • Curiosity
  • Strong written and oral communication skills
  • Teamwork
  • Strong critical thinking and problem-solving skills
  • Flexibility

Languages
English: fluent
