Cyber Threat Investigator

Job Purpose/Summary:

The Identify Service Line is responsible for identifying, assessing and analyzing all of the cyber threats and vulnerabilities that can affect the Group. This Service Line is composed of three main activities:

• Cyber Threat Intelligence (CTI)

• Vulnerability Assessment

• Sandboxing

Key Responsibilities:

Lead will be hierarchically attached to the IT Manager responsible of the CyberSOC team based in India and will daily refer to the Identify Service Line Manager based in France. You will be the Identify Service Line Team Leader (3-4 person team) in India.

The Cyber Threat Intelligence Analyst (Team Leader) will be in charge of ensuring the good delivery of these three services:

• Collect, analyze and exploit customized outputs from our Cyber Threat Intelligence partner and open-source intelligence to anticipate emerging cyber threats and get knowledge on threat actors, tactics, techniques and procedures.

- Performs cyber threat hunting on Indicators of Compromise (IoCs) through our security tools (EDR, SIEM, SOAR, etc.) to detect prior compromise.

- Ask for blocking IoCs in anticipation in our different security tools (EDR, Antivirus, Proxies, Email Protection solution, etc.).

• Communicate on vulnerabilities related to the software used in the Saint-Gobain’s scope.

• Update on a regular basis our software inventory in the scope of Vulnerability Assessment Service.

• Analyze on request the maliciousness of packages and files in our sandbox and formalize synthesis.

• Produce and communicate monthly KPIs on each activity.

Key Performance Indicators:

The Cyber Threat Intelligence Analyst (Team Leader) will be in charge of ensuring the good delivery of these three services:

• Collect, analyze and exploit customized outputs from our Cyber Threat Intelligence partner and open-source intelligence to anticipate emerging cyber threats and get knowledge on threat actors, tactics, techniques and procedures.

- Performs cyber threat hunting on Indicators of Compromise (IoCs) through our security tools (EDR, SIEM, SOAR, etc.) to detect prior compromise.

- Ask for blocking IoCs in anticipation in our different security tools (EDR, Antivirus, Proxies, Email Protection solution, etc.).

• Communicate on vulnerabilities related to the software used in the Saint-Gobain’s scope.

• Update on a regular basis our software inventory in the scope of Vulnerability Assessment Service.

• Analyze on request the maliciousness of packages and files in our sandbox and formalize synthesis.

• Produce and communicate monthly KPIs on each activity.

Qualificaton:

• Bachelor’s Degree in Computer Engineering, Information Technology or any relevant certifications.

• Experience in investigating and reporting on cyber-attacks.

• Ability to demonstrate comprehensive, practical knowledge of research/collection skills and analytic methods.

• Strong technical skills with an interest in open source intelligence investigations and malware analysis.

• In-depth knowledge of security tools such as SIEM, IDS/IPS, web proxies, SIEM and firewalls.

• Team-oriented and skilled in working within a collaborative environment and with other Service Lines.

• Good sense of priorities and good sense of initiative.

• Rigorous and autonomous.

• Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders.

• Ability to manage and drive a team of analysts.

• Contribute to the development strategy of the Identify Service Line.