Job description
SOC Analyst apprentice (M/F/X)
Summary of the role
As part of the Equans CSIRT, you will learn how to actively participate in the initial detection, preliminary assessment and response to IT security incidents.
You will analyse the attackers' modus operandi and assess the extent of compromise. By examining the technical data collected, you will identify the attackers' modus operandi, determine their objectives and assess the extent of the attacks.
By means of an investigation report, you will propose recommendations for remedying the problems and strengthening the security of the systems affected. You will suggest actions to be taken to counteract and resolve the incident, in particular by cleaning up and reinforcing the security of the systems affected.
You carry out constant monitoring of new vulnerabilities, emerging technologies and attack methods related to the components of the information system by developing appropriate investigation tools.
KEY OBJECTIVES & KPIs
Workload allocation on main activities:
- 50% for alert response and incident handling
- 10% for continuous improvements (documentation, process improvement ...)
- 10% on detection improvements (hunting and implementation of detection rules)
- 10% for meetings and operational management
- 5% for training
KEY RESPONSIBILITIES
Monitoring and improvement
- Contributing to the continuous improvement of procedures; developing procedures for new types of incident
- Contribute to ongoing monitoring of threats, vulnerabilities and attack methods in order to enhance event correlation rules.
Implementing uses and tools
- Help set up the detection service (SIEM, etc.)
- Helping to define the strategy for collecting event logs
- Participating in the development and maintenance of event correlation rules
- Conduct market analysis and evaluate new solutions through Proof of Concepts
Reacting to threats
- Transmit action plans to the entities in charge of processing and provide support regarding the corrective or palliative measures to be implemented
- Make recommendations on immediate measures
- Supporting the investigation teams in dealing with incidents
Threat detection
- Identify, analyse and qualify security events in real time
- Assess the seriousness of security incidents
- Notify security incidents, escalate if necessary
PROFILE
Academic background & Experience
- 2 years apprenticeship
- Engineering school, Master M1
Skills
- You have a deep interest in monitoring and intrusion detection tools as well as incident management systems;
- You have an interest in and skills for developing task automation;
- You are curious, rigorous and enjoy a challenge;
- You are comfortable working in a decentralised, multicultural organisation with varying levels of maturity in terms of cyber security;
- You're a good communicator with good interpersonal skills and you're comfortable adapting to a variety of people;
- You have a sense of ethics and are able to exercise discretion;
- Fluent English essential and willing to work in an international context;
Required Experience:
IC