Experienced Cyber Threats Detection Engineer

Offer details

  • Mission ID: 13904

  • Added: June 17, 2024

  • Daily rate (TJM): 650 €

  • Location: La Défense

  • City: La

  • Views: 23

Description

Go to the listing to apply directly: LINK TO THE LISTING

We are looking, on behalf of a direct client located in La Défense (92), for a Cyber Threats Detection Engineer (M/F).

Fluent English is mandatory.

In which context will you be evolving?

Within the group, GIO is the Customer Global Infrastructure & Operations team, part of Customer Digital & IT. The CSIRT (Computer Security Incident Response Team) sits within GIO, and its missions are to anticipate, detect and respond to cyber threats affecting the company. The CSIRT delegates the CyberSOC services to an MSSP and is composed of an additional 20+ engineers and analysts organized as a follow-the-sun team around Kuala Lumpur (Malaysia), São Paulo (Brazil) and Paris (France), where the management team is located.

You will join the CSIRT in the Paris La Defense Customer office (2 days onsite, Tuesdays being mandatory) to support the manager in charge of maintaining and enhancing cyber threats detection.

How will you contribute?

– Create custom analytic rules to detect threats.

– Continuously develop and test detection logic and tooling.

– Drive the improvement of our detection framework, its methodologies, and life cycles.

– Guide and support analysts in the release, implementation, and tuning phases.

– Contribute to the review and lessons learned of penetration tests and purple team engagements.

– Conduct knowledge-sharing sessions for edge cases from emerging threats.

– Contribute to the assessment and improvement of telemetry gaps.

Job description – Cyber threats detection engineer

– Knowledge of Active Directory threats.

– Experience working with MITRE ATT&CK framework.

– Experience working with Caldera, Gitlab and SOAR.

– Knowledge of UEBA and AI/ML for threats detection is advantageous.

– Knowledge of cloud infrastructure, cloud security and cloud APIs is advantageous.

– Strong team working skills with ability to build trusted relationships with people and groups with diverse backgrounds, and to influence at operations and management level.

– Professional, with attention to detail – always seeking quality and excellence in their work.

– Collaborative and engaging approach to problem solving and a willingness to work as part of the team.

– Passionate for diversity, recognising the innovation and competitive edge that comes from a diverse highly skilled team where equal opportunities are truly valued.

– A problem-solver, always seeking the best solution for the right outcome.

– Friendly manner, with a willingness to adapt style and approach to achieve quality results.

– Self-motivated, results-focussed, pragmatic with the ability to manage conflicting deadlines and prioritize.

– SEC599, SEC699 and MAD 20 ATT&CK Threat Hunting and Detection Engineering certifications are advantageous.

If you are interested, could you please send your CV in Word format, indicating your availability and a range for your salary expectations / daily rate (TJM)?

Are you a match?

– 5 years' experience in CSOC/CSIRT/CERT, including 2 years as a detection engineer.

– Translate threat intelligence into actionable detection logic.

– XQL and/or AQL and Sigma experience is a must.

– Working knowledge of at least one major programming language, and scripting languages like Python and PowerShell.

– Good understanding of Windows and Linux operating systems.

– Experience with telemetry/logs produced by platforms (OS, SysMon, firewalls, WebProxy, etc.) and detection capabilities based on network (IDS, NDR, etc.) and endpoints (EDR, XDR) is a must.

– Knowledge of attacker tools, techniques and procedures.


Source link: www.free-work.com/fr/tech-it/ingenieur-en-cybersecurite/job-mission/ingenieur-cyber-threats-detection-confirme