Company:
Sector: IT / telecoms
Size: Between 20 and 100 employees
Faurecia is an Equal Opportunity Employer
"Technical Perfection and automotive passion" is what defines Faurecia. We design, engineer and provide the best in technology, systems and services for automobile makers in every major market on all five continents. If you share our ambition for technical perfection and our passion for all things automotive, Faurecia has a career for you.
"Faurecia, a driving force… for your professional growth."
Job description:
Our Cybersecurity team is looking for an Incident Response Analyst (m/f) to be based in Tunis.
The Incident Response Analyst will perform IS/IT security incident response tasks within Forvia’s Security Incident Response team (Level 2/3 SOC). This analyst will work closely with the Security Incident and Response Manager and with Forvia’s partners, who typically perform EDR detection tasks. He/she shall also contribute to enhancing all documentation and procedures, and propose and apply all necessary technical improvements to ensure proper responsiveness and efficiency of the team, especially the enhancement of playbooks/automation as well as security rules.
Principal Duties and Responsibilities
- Detect and respond to IS/IT security threats within our global corporate landscape, be it production, development or datacenter environments
- Execute on incident response plans, identify root cause and drive mitigations to prevent future occurrences
- Operate all necessary technologies to identify and respond to IS/IT threats (in particular, but not limited to, our SIEM Elastic Security and our SOAR Palo Alto XSOAR)
- Request necessary actions from other IT teams and follow up on their execution
- Participate in projects that improve our intrusion detection and incident response capabilities
- Participate in the creation and improvement of incident response procedures and remediation workflows – automation, context and orchestration as code
- Participate in the creation and improvement of security detection rules on the SIEM
- Be part of Faurecia’s first line of defense. We handle active security events and cutting-edge threats from a variety of sources, and you will be part of a 24/7 on-call rotation
The ideal candidate will have/be:
Education and experience
- “Cyber Security” relevant University degree
- Real interest in the field of Cyber Security
- 3 years of experience in Security Incident Response and associated best practices
- Experience in identifying, analyzing, scoping, isolating and eradicating malware or hacking threats
- Understanding of the current threat landscape and adversary tactics, techniques and procedures
- Knowledge of enterprise-scale security technologies and capabilities including SIEM (Elastic), incident management (MISP), SOAR, threat intelligence, packet capture, protocol analysis/NetFlow usage, network and system monitoring and logging, malware analysis, firewalling / network filtering, IDS/IPS
- Capacity to understand, design and enhance incident response processes
- Strong knowledge of Linux, Windows, and network equipment operation
- Knowledge in cloud technologies and cloud threat protection
- Knowledge of network and host-based forensic methodologies, user behavioral analysis and other AI/ML oriented cyber security technologies
- Scripting skills (Python is intensively used for our playbooks/automations)
Key competencies
- Stress tolerance
- Methodology, rigor
- Curiosity
- Strong written and oral communication skills
- Teamwork
- Strong critical thinking and problem-solving skills
- Flexibility
Languages
English: fluent