Detection Ingenieur

1/ Context
Cyber Defense Group is sourcing for Global Security Operations Center (SOC) to extend the Global SOC Platform to the Public Cloud security monitoring for AWS, Azure and Google logs and alerts.

The project is in development phase where a resource enforcement is needed to develop and build the Public Cloud Security use cases, response Playbooks and perform end-to-end test plan including user acceptance criteria and deployment to production.

Objectives
- Support the project delivery to extend the existing Global Security Platform Azure Sentinel to monitor the Public Cloud logs and alerts
- Develop and design the detection rules and response Playbook in alignment with the selected security use cases

2/ Service Main tasks

Working closely with both the program team, the existing Cyber Defense team and the external partners, the main duties of the Public Cloud Security service will lead and support the following tasks following the Group internal use case factory highlighted below.
- Assess the existing Cloud use cases
- Document the use cases specifications
- Build the required Detections rules when it's needed
- Develop the response Playbooks needed to react on detected incidents
- Build and perform the end-to-end test plan and user acceptance
- Fine-tune and readjust the Detection rules, Playbooks as needed
- Ensure a smooth user acceptance and production deployment

3/ Service Main Deliverables
-Build detection rules in alignment with the selected use cases for GCP and OpenShift, RedHat
-Build the appropriate response Playbook and Silva ticket to manage security incidents
-Build and perform a detailed test plan for the developed detection rules and response Playbook
-Coordinate and manage the technical handover and user acceptance criteria to move to production/Business As Usual

4/Requiered Expertise
-Use Case development in Azure Sentinel
-Associated playbook writing
-Expertise of cloud provider and associated security solutions: AWS, Azure, GCP,
Azure security Center; Guard Duty
-Expertise of SOC activities: triage, investigation, and response
-Testing approach and user acceptance
-Mitre Att&ack techniques

Huxley (marque du groupe SThree) délivre un service de recrutement de hautes qualités qui s'adapte en fonction des évolutions business. Pendant plus de 20 ans, Huxley s'est attelé à fournir des solutions claires et efficaces qui permettent de solidifier nos partenariats avec nos clients. Notre équipe locale en France recrute des spécialistes IT dans divers secteurs : Banques, Assurances, Services financiers, Monétique, Commerce.