Stimulating. Motivating. Challenging.

Location: Paris, France

Mission

As part of our Managed Security Services department, your mission will be to deliver trust and confidence to clients during Incident Response engagements and will be able to act autonomously on IR but also leverage the Cyber Fusion Center security analysts and other KS specialized resources in the most complex cases.

Your intervention will vary from remote incident response to onsite incident response depending on the situation.

In addition to possessing deep technical knowledge, an MSS Incident Responder interacts extensively with clients and partners using polite professional etiquette.

If you:

• Are passionate about cybersecurity and constantly developing your knowledge
• Are customer oriented and highly motivated by providing excellent client satisfaction
• Are a self-driven technology professional familiar with Security Operations

Location: Paris 

Responsibilities

Your responsibilities will be to:

• Deliver Incident Response service activities for MSS and non-MSS clients

• Act as a lead in IR engagements with clients to coordinate activities for professional and experienced IR.
• Deliver IR processes according to best practices & be capable of driving the process in clients’ engagements.
• Conduct highly technical examinations, analysis and reporting of computer based evidence related to security incidents (intrusion artifacts/IOCs) or investigations.
• Effective and secure handling of digital evidence and matter confidentiality.
• Ability to analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
• Document incidents from initial detection through final resolution.
• Coordinate with other information security specialists to correlate threat assessment data.

• Watch threat intelligence and disseminate information in the Cyber Fusion Center & Kudelski Security
• When not involved in IR engagements

• Provide advanced inputs for MSS Threat hunting campaigns
• Research around performed IR engagement and write publications
• Perform talks in conferences to increase Kudelski Security visibility in IR and Advanced Security
• Write Security advisories on critical threats
• Take responsibility for customer satisfaction and overall success of managed services.
• Drive new client onboarding in IR
• Develop tools/scripts and improves incident processes

This role involves

• Be available, ready, and able to accept incoming calls
• 24x7x365 on-call duty is part of the IR job
• May need to travel in emergency to specific locations for IR engagement
• Plan, develop, and test new technical solutions and processes
• Propose enhancement on tools and workflow
• Respond in a timely manner (within documented SLA) to support IR.
• Document actions in tickets to effectively communicate information internally and to customers
• Adhere to policies, procedures, and security best practices
• Mentor fellow Security Engineers and Security Analysts

You are

Passionate about cyber security and providing excellent client satisfaction. 

You like the “nuts and bolts” of day-to-day tactical execution of MSS IR with an emphasis on providing world-class IR.  A self-driven, team oriented, and highly motivated technology professional experienced in IR.

Requirements / Profile

You have

• Minimum 3 years’ experience in information security
• Able to work under stress and high workload
• Excellent client service skills
• Excellent analytical thinking and problem-solving skills
• Experience reviewing and analysing log data, network packets captures
• Experience implementing and managing Next Generation Endpoint Protection Platforms (EPP), Security information and event management (SIEM), Endpoint Detection and Response (EDR)
• Knowledge of incident response processes (detection, triage, incident analysis, remediation, and reporting).
• High level of ethical hacker knowledge and understanding of malware/ransomware.
• Strong knowledge of Windows/Linux OS, network protocols, scripting languages
• Understanding of network and system intrusion and detection methods
• Proven experience with commonly used forensic and IR toolkits.
• Comfortable analysing malicious artifacts in a safe manner such as potentially malicious websites, emails and malware
• Excellent written and verbal communication skills with the ability to express thoughts clearly and accurately, know how to listen, and contribute to a client-facing environment.
• Strong attention to detail and organizational skills.

Languages:

• French & English spoken and written is mandatory 

These would be a plus

• SANS certification
• Any other Cyber Security certification
• SIEM certification like LogRhythm, Splunk, Elastic SIEM, QRadar,…
• Threat Intel research skills
• Malware analysis skills

 Join us and be part of a rapidly growing company with locations in Switzerland and the United States and who leverages their unique history of innovation and engineering with a pragmatic view of client security, to adopt a different approach to cybersecurity and help change the security paradigm. When you join us, you'll be part of an industry leader that has a tremendous impact on how our clients approach Cybersecurity strategy.

If you love the challenge as much as the rewards and are ready to take your career to the next level, apply today. 

Reference: 11767
Publication Date: 06-01-2021