IT Security Incident Response Analyst

 

You may not know our name, but you have surely used our innovations and solutions.

 

Our mission is to unlock the world and make it safer through cutting-edge identity technologies. Every day, around the globe, we are enabling citizens and consumers alike to perform their daily critical activities (such as pay, connect and travel), in the physical as well as digital space. We are transforming their lives by making the world more secure and yet also more streamlined.

 

We have brought together complementary know-how and technologies that have never been combined before for both the physical and digital era: secured connectivity, secured payments and secured identity management. Cybersecurity, biometrics, large scale distributed systems and Cloud computing, analytics and smart devices are at the core of both our physical products and our software and systems.

 

We serve our clients in 180 countries thanks to our 15,000 employees worldwide. 

 

SCOPE

The IT Security Incident Response Analyst provides global support in managing cyber security incidents within IDEMIA.

 

Mission

When malicious activity or an attack is suspected within the information system, the IT Security Incident Response Analyst analyzes the symptoms and performs the technical analyses on the information system. The analyst identifies the attacker's modus operandi and qualifies the extent of the compromise, then provides recommendations for the remediation and hardening of attacked systems.

 

Role and Responsibilities
 

  • Protecting enterprise systems and information by promptly responding to security threats and incidents, acting individually and as part of a team to resolve issues
  • Analyze malware for functionality as well as extraction of indicators that can be used as detection methods
  • Work with other teams to leverage extracted IOCs and IOAs to enhance security posture of the organization
  • Proactively hunting for threats and enacting identification, containment, and eradication measures while supporting recovery efforts.
  • Act as subject matter expert to provide insight and guidance to colleagues engaging in prevention measures.
  • Analyzing cyber security incidents to solve issues and improve incident handling procedures
  • Receive Tier 2/3 incident escalation from detection operations and assist with real-time, continuous security event monitoring, response, and reporting
  • Proactive coordination with appropriate departments during a security incident – management, legal, security, operations, and others
  • Conducting research regarding the latest methods, tools, and trends in digital forensics analysis
  • Creating thorough reports and documentation of all incidents and procedures; presenting findings to team and leadership on a routine basis

 

Skills
 

Communication & Relationship Skills
 

  • Good English knowledge; advanced conversational English mandatory
  • Excellent oral and written communication skills;
  • Autonomous, reliable and a good team player.

 

Cybersecurity skills
 

  • Must have a deep understanding of computer intrusion activities, incident response techniques, tools, and procedures
  • Thorough knowledge of digital forensics methodology as well as security architecture, system administration, and networking (including TCP/IP, DNS, HTTP, SMTP)
  • Basic knowledge of operating systems including Linux/Unix and Windows
  • Experience with
    • programming languages such as Python, Perl, C/C++, PowerShell, etc.
    • security assessment tools such as NMAP, Netcat, Nessus, Metasploit…
    • Endpoint Detection & Response, Endpoint Protection Solutions
    • SIEM
    • MITRE ATT&CK
  • Technologies: PCAP, SPLUNK, SYSLOG, Vulnerability scanning tools (Tenable.SC, Tenable.IO, Tenable.AD), Cloud (Azure, AWS), Active Directory
  • Standards (are considered a plus): OWASP, GDPR, PCI, GSMA, NIST, Common Criteria, ISO 27001 / 27002 / 27004 / 27005 / 27017
  • Knowledge and experience of SCADA and PCN systems would be highly desirable but not mandatory
  • Certified CySA+, GIAC or SEC450/503/588 would be highly desirable but not mandatory

 

Other personal Skills
 

  • Excellent organization, time management, and attention to detail
  • Must be action-oriented and have a proactive approach to solving issues
  • Ability to work individually and as part of a team
  • May need to have or obtain a security clearance
  • Master/Bachelor degree or equivalent experience in the field of Information Technology & Communication;
  • Accountability;

 

 

By choosing to work at IDEMIA, you can join the journey of a unique tech company. You can seize all the opportunities of our fast-paced environment. You can add your distinctive qualities to our global community. You can contribute to a safer world.

 

We deliver cutting-edge, future-proof innovation that reaches the highest technological standards. We’re well established, and yet still agile. We aren’t too big, and we aren’t too small. And we’re transforming, fast, to stay a leader in a world that’s changing fast, too.

 

At IDEMIA, people can develop their expertise and feel a sense of ownership and empowerment, in a global environment, as part of a company with the ambition and the ability to change the world.

 

Our teams are close and collaborative; maintaining a dialogue and developing human connections matter to us. We are truly international and we know that diversity is a key driver of innovation and performance. We welcome people from all walks of life, regardless of how they look, where they come from, who they love, or what they think.

 

Each of our locations has its own advantages to offer a collaborative and friendly work environment.

 

IDEMIA. Expect the unexpected. Join the journey of a unique tech company.