Natixis - SOC Analyst L2

Porto

English, SOC, SIEM, SOAR

Natixis is currently hiring a SOC Analyst to join their team
 
About the company: Founded in 2015, BPCE Infogérance & Technologies is a subsidiary of Groupe BPCE, dedicated to Infrastructures, End-User Environment, Security and Production. Driven by growth, expertise, transformation, and agility, this project embraces an international mindset and a diverse skill set. You’ll find yourself in a dynamic and enriching workplace or, as they like to name it, a real tech playground, where you’ll be able to explore a huge tech stack.   
 
About the role: They are looking for a SOC Analyst L2 to join their BPCE IT Business Unit. Integrated within the Security Operation Center (SOC) BPCE-IT, the Blue Team is the first line of defense, responsible for defending the enterprise's use of information systems by maintaining its security posture against attackers. 

The main activities are the ones below: 

  • Detection, categorization, and investigation of infrastructure, applications, and security incidents
  • Vulnerability management on critical vulnerabilities (handling, categorization and follow-up)
  • Leading incident response plans
  • Follow-up of remediation plans
  • Implementation of detection scenarios and treatment of associated alerts 

 

The L2 SOC Analyst is responsible for monitoring and analyzing the organization’s networks and systems daily to detect, identify, investigate, and mitigate potential threats. They must be able to identify anomalous behavior, recognize patterns of malicious activity, and take appropriate corrective action. 

In addition to your daily duties, as an L2 SOC Analyst, you will provide recommendations for improving security posture and assist with incident response plans, policies, and procedures. Some additional responsibilities may include recommending tools or solutions, participating in audit activities, providing reporting on security events/incidents, and collaborating with other teams across the organization. 

 
Your mission will be:

1) Analysis: 

  • Participation in improving correlation and log analysis rules
  • Conduct investigations and research including statistics 
  • Interpret or perform first-level (Sandbox or manual) minimum scans on malicious codes
  • Improve our Threat Intelligence activity   

2) Handling incidents: 

  • Creating, and managing service requests via our ticketing tools (ServiceNow / SecOps / TheHive)
  • Qualify and analyze these elements to determine the cause of the incident, the mode of operation of the attack (vulnerabilities use, tactics, techniques), the scope and the perimeter of compromise 

3) Training: 

  • Knowledge transferring in-house and writing documentation  

4) Apart from these activities, you will have to maintain and develop expertise: 

  • In techniques and tools of digital investigation
  • Methods and tools for analysis (monitoring, training, international conferences, etc.)
 
 
What they are looking for: 
  • You must be operational on the security tools used in the BPCE IS and master the architectures in place
  • Solid knowledge in most of the following technical areas is required, keeping in mind that no one is an expert in every topic
  • The ideal candidate should have advanced problem-solving skills and a background in cybersecurity engineering
  • Knowledge of the operating principles of Information Monitoring and Security Event Solutions (SIEM)  
  • Good experience with Splunk and Regex search syntax
  • Good experience with TheHive
  • Good knowledge of network and system architectures
  • Knowledge of the operation of intrusion detection probes and event log correlation tools
  • Good knowledge of Mitre Attack framework and countermeasures linked to the techniques and tactics
  • Good knowledge of Information monitoring and analysis tools and methods.
  • Good knowledge of the security standards for different technologies (web servers, messaging, database, DNS, proxy, firewall, etc.)
  • Have a good knowledge of Web application vulnerabilities and malware types (rootkit, ransomware, botnet, etc.), Obfuscation, and persistence techniques (cryptography, packing, etc.), Digital investigation/analysis tools, SandBox behavioral 
  • Good level of English (mandatory)
  • Good level of French will be considered a huge plus
  • Ability to keep up with a demanding and fast-paced environment
  • Good communication skills
  • Good priority definition skills
  • Know how to implement pedagogy methods
  • Ability to work in a team
Want to know more? Get in touch with us ๐Ÿ‘‡
 
I allow DAMIA GROUP to store and process my personal data. My information will be handled in accordance with DAMIA GROUP Privacy Policy*
Download 2024 Benchmark
× Reach out!