We are looking for a CSIRT Cyber Security Analyst to support our client's Information Security team within their IT organization. Our client is setting up a follow-the-sun support model to provide better Incident Response management to the business. As part of this expansion, we are looking to engage a US-based resource to carry out this function for the Americas region, who will work closely with our client's CISO team in Paris. The consultant will start in Paris and, after a few months spent with the global team, will be located in our client's NYC offices, and will partner with the Americas local IT team to deliver support to the Global CSIRT (Computer Security Incident Response Team) while improving our client's overall cybersecurity posture. For this position we will sponsor an E2 visa, if needed.
Essential duties and responsibilities include the following. Other duties may be assigned. The selected candidate will join the CSIRT (Computer Security Incident Response Team) in the role of Cyber Security Analyst. The CSIRT is in charge of detecting and responding to computer security incidents worldwide.
The role will mainly focus on analyzing, evaluating, and handling security incidents from different sources (EDR, SIEM, AV, Firewalls, etc.). Additional responsibilities will include:
* Develop and implement new detection use cases (correlation rules) to continuously improve the detection capabilities of CSIRT
* Develop new modules (in Python) and workflows on SOAR (Security Orchestration Automation & Response) to automate the contextualization, enrichment, analysis, and response to security alerts and incidents
* Qualify, propose, and lead action plans to address critical vulnerabilities (Cyber Security watch)
* Target reduction of the attack surface by blocking TTPs or IOCs on the various IS security platforms (AV/EPP, Web Proxy, Email Gateway, etc.)