CSIRT Analyst

We are hiring a CSIRT / Cybersecurity Incident Response Analyst to assist one of our clients in the automotive industry. This role will act as the key liaison between local business and technical teams and the global cybersecurity operations team supporting incident response escalation management and cybersecurity operations coordination for critical environments.

This role ensures strong proximity rapid response capability and expert-level support during complex or critical cybersecurity incidents. The candidate enhances mutual understanding between business functional and technical stakeholders while ensuring efficient escalation handling mitigation tracking and incident coordination.

Key Responsibilities:

Operational Coordination & Proximity

• Serve as the local cybersecurity management contact
• Maintain close proximity to on-site teams to understand operational need critical assets operational priorities and constraints.
• Act as a trusted relay between stakeholders and central CDOC/SOC teams.

Incident & Escalation Management

• Facilitate and coordinate incident escalations to appropriate teams.
• Act as an escalation point for complex cases requiring expert arbitration or cross-team coordination.
• Ensure follow-up of mitigations remediation plans and corrective actions.

Advanced Incident Response Support

• Intervene in complex or critical cybersecurity incidents that fall outside standard response procedures and require advanced incident response expertise.
• Support and when required lead complex operational response actions from containment to threat eradication.
• Oversee and validate technical remediation and system restoration ensuring secure and controlled recovery of the information system.
• Guarantee alignment between technical risks business impacts and client priorities throughout incident handling.

Crisis Management

• Provide expert support to crisis management and assume a coordination role under CSIRT guidance during critical incidents including major attacks or high-impact security events.

Requirements Translation & Solution Alignment

• Translate functional and business requirements into clear technical requirements for cybersecurity teams
• Contribute to the definition and alignment of global cybersecurity solutions ensuring local constraints and feedback are considered.
• Support continuous improvement of detection response and operational processes.

Communication & Information Relay

• Ensure effective two-way communication:
• From sites to Detection & Response teams (context impact priorities).
• From central teams to local stakeholders (status actions recommendations).
• Promote knowledge sharing and operational best practices.

Continuous Improvement

• Actively contribute to improving daily operations responsiveness and service quality.
• Leverage experience and expertise to deliver daily added value to operational teams.

Qualifications :

Key Skills & Competencies

• Strong knowledge of cybersecurity operations SOC/CDOC environments and incident response processes.
• Proven ability to coordinate across technical and non-technical stakeholders.
• Experience in incident management escalation handling and mitigation tracking.
• Ability to translate business needs into technical cybersecurity requirements.
• Strong communication facilitation and coordination skills.
• Autonomous proactive and solution-oriented mindset.
• Experience or Knowledge of products Sentinel and Logic Apps

Positioning

• Acts as a Level 3 operational relay between local teams and global CDOC functions.
• Key contributor to operational efficiency risk reduction and continuous improvement

Additional Information :

Work-life balance: Hybrid working mode and Work-from-Abroad benefits 18 days of Annual leave
Health & insurance: Comprehensive coverage including General Practitioner hospitalization dental and optical
Performance incentives: Annual bonus based on individual performance
Learning & development: Training programs certification opportunities and training incentives to support career growth
Team culture: Regular team-building activities and social events

Remote Work :

No

Employment Type :

Full-time