Job
Description
We are seeking a highly skilled Security Operations Center (SOC) Analyst with expertise in user case management ( detection engineering ) and dark web monitoring to join Renault Group dynamic cybersecurity team. The ideal candidate will have a deep understanding of cybersecurity principles, threat detection methodologies, and hands-on experience in managing security incidents and monitoring the dark web for potential threats. Key Responsibilities: Utilize security information and event management (SIEM) tools to monitor, analyze, and respond to security events and incidents. Develop and maintain use cases, correlation rules, and alerts to enhance the detection capabilities of the SOC. Investigate security incidents, conduct root cause analysis, and provide recommendations for remediation and risk mitigation. Implement and fine-tune detection mechanisms, including signature-based detection, anomaly detection, and behavioral analysis. Collaborate with cross-functional teams, including threat intelligence analysts, incident responders, and system administrators, to identify and prioritize security use cases based on Renault Groups risk and threat landscape. Document use case logic, implementation details, and testing procedures to ensure consistency and repeatability. Analyze security events and incidents to identify patterns, trends, and potential indicators of compromise (IOCs). Conduct research on emerging threats, vulnerabilities, and attack techniques to inform the development of new use cases and improve existing ones. Monitor the dark web for mentions of the organizations assets, sensitive information, or potential threats. Analyze dark web intelligence to identify emerging threats, malicious actors, and security vulnerabilities relevant to the organization. Create and maintain documentation related to incident response procedures, playbooks, and standard operating procedures (SOPs). Stay current with emerging threats, vulnerabilities, and attack techniques to continually improve the Renault Group security posture. Qualifications Bachelors degree in Computer Science, Information Technology, Cybersecurity, or related field. Strong understanding of security information and event management (SIEM) concepts, log analysis, and security analytics. Experience in developing use cases, correlation rules, and alerts for SIEM platforms Knowledge of security frameworks and standards (e.g., MITRE ATT&CK framework, NIST Cybersecurity Framework, ISO 27001). Familiarity with scripting and programming languages (e.g., Python, PowerShell) for automation and tool development is a plus. Experience with dark web monitoring tools and techniques.
